Summary of Stage 4 Lessons

Intro: Allow Comments

1. Web Servers

A web server is simply a computer program that dispenses web pages as they are requested. The machine the program runs on is usually also called a server, and the two references are interchangeable in everyday conversation.
Every web page on the internet also has a unique address, called a Uniform Resource Locator, or URL.
When a user types that URL into a web browser, the machine the browser is running on sends a request to the IP address of the machine running the web server for that page, requesting that all the content found there be sent back. Once the web server receives that request, it sends the page content back to the IP address of the computer asking for it. The web browser then translates that content into all of the text, pictures, links, videos, etc. that so many web pages contain.
The data being transferred back and forth during these exchanges must conform to a specific protocol, called Hypertext Transfer Protocol (HTTP), to ensure that all web pages and servers communicate with one another efficiently and without error. The most common web server software today, that is, the program that actually does the receiving and answering of page requests, is Apache. This open-source software handles more than half of all websites in existence today - many developers of web-based applications and technologies use Apache as their default environment when designing new products. The second most common is Internet Information Services (IIS), released by Microsoft, which accounts for nearly 25% of all websites. Website Link

2. HTTP Request Methods

GET Method Attribute

  • Parameters in URL
  • Used for fetching documents
  • maximum URL length
  • OK to cache
  • Shouldn't change the sever

POST Method Attribute

  • Parameters in body
  • Used for updating data
  • No maximum URL length
  • Not OK to cache
  • OK to change the sever

3. Google App Engine: Platform as a Service

Google App Engine lets you build and run applications on Google’s infrastructure. App Engine applications are easy to create, easy to maintain, and easy to scale as your traffic and data storage needs change. With App Engine, there are no servers for you to maintain. You simply upload your application and it’s ready to go.

4. Inportance of Validating Input

Web applications are vulnerable if you don't practice input validation. Validating user input could prevent application attacks such as buffer overflow, SQL injection and cross-site scripting. Proper validation of form data is important to protect your form from hackers and spammers!

Purposes of Data Validation:

  • If a user submits data that is not within the allowed values or it is in the wrong format, it may cause the application to exhibit unexpected behaviour – which may include a blank screen or a screen that doesn’t make sense. Validation allows for this to be prevented, and instead to present a human-readable error message back to the user. Allowing the user to see why the input wasn’t accepted greatly aids in usability of the application.
  • A malicious user of the application may attempt to exploit problems in the application by sending data that is not in the format that the application expects or outside the range of values that a user should be using. The value used, if not checked, may grant the user access to some aspect of the application otherwise hidden, due to an internal problem in the application.
  • Data validation can help to ensure that data stored is complete and that nothing is missing. For instance, ensuring that ‘required’ fields are indeed filled out by the user ensures that there won’t be gaps (or empty strings) in a database record, which may cause problems with the incomplete data is acted upon later, for instance to follow up with a customer.
  • Website Link

5. Templates and Abstraction

HTML embedded in code is messy and difficult to maintain. It's better to use a templating system, where the HTML is kept in a separate file with special syntax to indicate where the data from the application appears. Google App Engine includes the Django and Jinja2 templating engines.

Using HTML templates allow programmers to avoid repetition to save time and make less mistakes. We can use HTML template for website header and footer. So it looks consistently.

Benefits of Using Templates:

  • Separate different types code
  • Make more readable code
  • More secure websites
  • HTML file that is easier to modify
  • Avoid code repetition