MIT GSL 2018 week 1 | day 4 Introduction to Web Development II.

Presentation transcript:

MIT GSL 2018 week 1 | day 4 Introduction to Web Development II

Any HTML or JavaScript Questions?

Server - Client Relationship https://cybersecuritynews.co.uk

HTTP Requests
Hypertext Transfer Protocol methods: GET, POST, PUT, HEAD, DELETE, PATCH, OPTIONS

HTTP Requests
GET is used to request data from a specified resource.
POST is used to send data to a server to create/update a resource.
PUT is used to send data to a server to create/update a resource.
The difference between POST and PUT is that PUT requests are idempotent. That is, calling the same PUT request multiple times will always produce the same result. In contrast, calling a POST request repeatedly has the side effect of creating the same resource multiple times.
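The PUT/POST difference described above, as an added example that is not part of the original slides. The in-memory store, the resource id "42" and the sample record are constructed for illustration; the replay stands in for a client retry or a browser re-submitting a form.

```javascript
// Minimal in-memory "server" contrasting POST and PUT semantics.
function createServer() {
  const users = new Map(); // id -> record
  let nextId = 1;
  return {
    // POST /users: the server picks a new id on every call,
    // so a repeated request creates another copy of the resource.
    post(body) {
      const id = String(nextId++);
      users.set(id, { ...body });
      return { status: 201, id };
    },
    // PUT /users/:id: the client names the resource,
    // so a repeated request overwrites the same record.
    put(id, body) {
      const existed = users.has(id);
      users.set(id, { ...body });
      return { status: existed ? 200 : 201, id };
    },
    count: () => users.size,
  };
}

// Sends the same request n times and returns how many resources exist afterwards.
function replay(method, n) {
  const server = createServer();
  const body = { name: "alice", role: "student" }; // constructed sample record
  for (let i = 0; i < n; i++) {
    if (method === "PUT") server.put("42", body);
    else server.post(body);
  }
  return server.count();
}

console.log("PUT x3  ->", replay("PUT", 3), "resource(s)");
console.log("POST x3 ->", replay("POST", 3), "resource(s)");
```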

GET vs. POST

BACK button/Reload
  GET: Harmless
  POST: Data will be re-submitted (the browser should alert the user that the data are about to be re-submitted)
Bookmarked
  GET: Can be bookmarked
  POST: Cannot be bookmarked
Cached
  GET: Can be cached
  POST: Not cached
Encoding Type
  GET: application/x-www-form-urlencoded
  POST: application/x-www-form-urlencoded or multipart/form-data. Use multipart encoding for binary data
History
  GET: Parameters remain in browser history
  POST: Parameters are not saved in browser history
Restrictions on data length
  GET: Yes, when sending data, the GET method adds the data to the URL; and the length of a URL is limited (maximum URL length is 2048 characters)
  POST: No restrictions
Restrictions on data type
  GET: Only ASCII characters allowed
  POST: No restrictions. Binary data is also allowed
Security
  GET: GET is less secure compared to POST because data sent is part of the URL. Never use GET when sending passwords or other sensitive information!
  POST: POST is a little safer than GET because the parameters are not stored in browser history or in web server logs
Visibility
  GET: Data is visible to everyone in the URL
  POST: Data is not displayed in the URL

AJAX
AJAX = Asynchronous JavaScript And XML. It is not a programming language, but a method for accessing web servers from a web page. The whole point is that it is possible to update parts of a web page without having to reload the entire page. This is made possible by the XMLHttpRequest object.

AJAX

AJAX
To send the request, use the open() and send() methods of the XMLHttpRequest object; the request can be either a GET or a POST.
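An added example, not from the original slides, that ties open() and send() to the GET vs. POST comparison: form data goes into the URL for GET and into the body for POST, and fields marked sensitive are refused on GET. The endpoint paths, the field names treated as sensitive and the RecordingXHR stand-in are assumptions made for illustration.

```javascript
// Field names treated as sensitive (assumption for this example).
const SENSITIVE = new Set(["password", "token"]);

// Sends `fields` with the XMLHttpRequest-style object `xhr` using open() and send().
function sendForm(xhr, method, url, fields, onLoad) {
  // URLSearchParams produces application/x-www-form-urlencoded text.
  const encoded = new URLSearchParams(fields).toString();
  xhr.onload = () => onLoad(xhr.status, xhr.responseText);
  if (method.toUpperCase() === "GET") {
    // GET data travels in the URL, so it lands in history and server logs.
    const exposed = Object.keys(fields).filter((k) => SENSITIVE.has(k));
    if (exposed.length > 0) {
      throw new Error("refusing to send " + exposed.join(", ") + " in a GET URL");
    }
    xhr.open("GET", encoded ? url + "?" + encoded : url, true);
    xhr.send();
  } else {
    // POST data travels in the request body; the URL stays clean.
    xhr.open("POST", url, true);
    xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
    xhr.send(encoded);
  }
  return xhr;
}

// Constructed stand-in that records what would be sent, so the example runs
// without a browser. In a page, pass `new XMLHttpRequest()` instead.
class RecordingXHR {
  constructor() { this.headers = {}; this.status = 200; this.responseText = "ok"; }
  open(method, url) { this.method = method; this.url = url; }
  setRequestHeader(name, value) { this.headers[name] = value; }
  send(body = null) { this.body = body; if (this.onload) this.onload(); }
}

function demo() {
  const noop = () => {};
  const search = sendForm(new RecordingXHR(), "GET", "/search", { q: "http methods" }, noop);
  const login = sendForm(new RecordingXHR(), "POST", "/login",
    { user: "alice", password: "p@ss w0rd" }, noop);
  let refused = false;
  try {
    sendForm(new RecordingXHR(), "GET", "/login", { password: "p@ss w0rd" }, noop);
  } catch (err) {
    refused = true; // the password never reached a URL
  }
  return { search, login, refused };
}

console.log(demo().search.url, "|", demo().login.url, demo().login.body);
```

POST keeps the value out of the URL, browser history and server logs; it does not encrypt it in transit, which is the job of HTTPS.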

AJAX For more information on the properties and methods you can use with AJAX, go to https://www.w3schools.com/xml/ajax_applications.asp A good example - https://www.w3schools.com/jquery/jquery_ajax_load.asp

Model-View-Controller (MVC)
Model: Structures your data in a reliable form and prepares it based on the controller's instructions.
View: Displays data to the user in an easy-to-understand format, based on the user's actions.
Controller: Takes in user commands, sends commands to the model for data updates, and sends instructions to the view to update the interface.

Model-View-Controller(MVC)

Model-View-Controller (MVC)
The user makes a request along a route, let's say /home. The controller receives this request and gives a specific set of orders that are related to that route. These instructions could either be for the view to update or serve a certain page, or for the model to perform specific logic. Let's assume this request has some logic associated with it. The model carries out the logic, pulls from a database and sends back a consistent response based on the controller's instructions. The controller then passes this data to the view to update the user interface.
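The /home request flow described above, as an added example that is not part of the original slides. The course data, the /about route and all function names are constructed for illustration; the view HTML-escapes whatever the model returns so that data is rendered as text.

```javascript
// Model: owns the data and prepares it in a consistent shape.
const model = {
  // Constructed sample "database".
  db: { courses: [{ id: 1, title: "Web Development II" }, { id: 2, title: "Forms & <input>" }] },
  listCourses() {
    return this.db.courses.map((c) => ({ id: c.id, title: c.title }));
  },
};

// View: turns data into markup. Values are HTML-escaped so model data is
// always rendered as text, never as tags.
const ESC = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
const escapeHtml = (s) => String(s).replace(/[&<>"']/g, (ch) => ESC[ch]);
const view = {
  home: (courses) =>
    "<ul>" + courses.map((c) => "<li>" + escapeHtml(c.title) + "</li>").join("") + "</ul>",
  about: () => "<p>About this course</p>",
  notFound: (path) => "<p>No page at " + escapeHtml(path) + "</p>",
};

// Controller: one set of orders per route. /home needs model logic first;
// /about only asks the view to serve a page.
const routes = new Map([
  ["/home", () => ({ status: 200, body: view.home(model.listCourses()) })],
  ["/about", () => ({ status: 200, body: view.about() })],
]);

// Entry point: the user's request arrives here as a route.
function handleRequest(path) {
  const action = routes.get(path);
  return action ? action() : { status: 404, body: view.notFound(path) };
}

console.log(handleRequest("/home").body);
```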

Cyber Security
Two types of attacks: Passive and Active.
Recent famous hacks: Sony (credit card), US Senate (files), and Epsilon (customers).

Cyber Security
What is malware: “Malware is malicious software or code that typically damages or disables, takes control of, or steals information from a computer system. Malware broadly includes botnets, viruses, worms, Trojan horses, logic bombs, rootkits, bootkits, backdoors, spyware, and adware.”
Spear phishing: when an attacker tries to seem more credible in order to get more personal information out of users.

Cyber Security
Here is the life cycle of an attack: Infection (target system), Persistence (preservation and privileged access), Communication (hiding your actions), Command & Control (manageable).
Bypass normal authentication. Exploit target, deliver malware.

Lab Exercises

Wrap-Up
Review of Lecture
Overview of Next Steps
Questions