Download presentation
Presentation is loading. Please wait.
Published byBerniece Maxwell Modified over 9 years ago
2
Previous lessons have focused on client-side scripts Programs embedded in the page’s HTML code Can also execute scripts on the server Server-side scripts Programs that the web server runs in response to something done by a web client (browser) Common server-side languages and extensions Perl Common Gateway Interface (CGI) –.pl,.cgi PHP –.php Active Server Pages (ASP) –.asp ASP.NET –.aspx JavaServer Pages (JSP) –.jsp ColdFusion –.cfm 2Server-Side Scripting
3
Client requests a page containing JavaScript code GET ex0.html HTTP/1.1 Server returns an HTML file containing embedded JavaScript var iter = 0; while(iter < 1000) { document.write("G O N A V Y ! "); iter = iter + 1; } Client renders the page Includes executing the embedded JavaScript Server-Side Scripting3
4
Client requests a page containing JavaScript code GET ex0.jsx? HTTP/1.1 Server executes the JavaScript code and generates the HTML content Client receives HTML and renders it Server-Side Scripting4
5
Two mechanisms for sending arguments to server-side scripts GET POST GET provides inputs to the server as part of the URL Simpler POST provides inputs to the server “behind the scenes” Server-Side Scripting5
6
Example URL http://.../f2c.jsx?fahrenheit=78 URL for script ends with “ ? ” Designates the start of the querystring Querystring consists of name=value pairs name=value pairs are parameters the server-side script will use as inputs Multiple name=value pairs separated by “ & ” arg1=value1&arg2=value2 Specify the action and method attributes in the form element action specifies the script to use method specifies either GET or POST Server-Side Scripting6
7
Server-side scripts execute on the remote server Uses server resources Can cause problems for a server administrator Performance Security Validation and sanitization help ensure valid input is supplied to a program Validation: checks if the input meets a set of criteria Sanitization: modifies the input to ensure that it is valid Server-Side Scripting7
8
Testing for the length Format Range Allowable characters Example Program expects positive integer input Validate that any string input consists only of the digits 0 through 9 Server-Side Scripting8
9
Attempt to parse a valid value from the provided input Strip the invalid content from the input Re-format the input Escape characters so they cannot be interpreted as code Use a default value Server-Side Scripting9
10
Assume a script that writes “GO NAVY!” a user-specified number of times gonavy.jsx?n=800 What if the user wants to print “GO NAVY” 100,000,000 times? What if multiple users want to do so? Server-Side Scripting10
11
For performance reasons, we may want to limit users to N=5000 Validate the user input A number If not a number, set to a default value of 100 Less than 0 If < 0, set value to 0 Greater than (or equal to) 5000 If > 5000, set value to 5000 Server-Side Scripting11
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.