IT3401 Web Essentials

Unit-1 Website Basics

Internet
Internet is defined as an Information super Highway, to access information over the
web. However, It can be defined in many ways as follows:

• Internet is a world-wide global system of interconnected computer networks.

• Internet uses the standard Internet Protocol (TCP/IP).
• Every computer in internet is identified by a unique IP address.
• IP Address is a unique set of numbers (such as 110.22.33.114) which identifies
a computer location.
• A special computer DNS (Domain Name Server) is used to give name to the IP
Address so that user can locate a computer by a name.
• For example, a DNS server will resolve a name http://www.flipkart.com to a
particular IP address to uniquely identify the computer on which this website is
hosted.
• Internet is accessible to every user all over the world.
Evolution
The concept of Internet was originated in 1969 and has undergone several
technological & Infrastructural changes as discussed below:
 • The origin of Internet devised from the concept of Advanced Research Project
Agency Network (ARPANET).
• ARPANET was developed by United States Department of Defense.
• Basic purpose of ARPANET was to provide communication among the various
bodies of government.
• Initially, there were only four nodes, formally called Hosts.
• In 1972, the ARPANET spread over the globe with 23 nodes located at different
countries and thus became known as Internet.


Advantages
Internet covers almost every aspect of life, one can think of. Here, we will discuss
some of the advantages of Internet:

By the time, with invention of new technologies such as TCP/IP protocols, DNS,
WWW, browsers, scripting languages etc.,Internet provided a medium to
publish and access information over the web.
• Internet allows us to communicate with the people sitting at remote locations.
There are various apps available on the wed that uses Internet as a medium for
communication. One can find various social networking sites such as:
o Facebo
ok
o Twitter
o
Yahoo
o
Google
+
o Flickr o
Orkut
• One can surf for any kind of information over the internet. Information regarding
various topics such as Technology, Health & Science, Social Studies,
Geographical Information, Information Technology, Products etc can be surfed
with help of a search engine.
• Apart from communication and source of information, internet also serves a
medium for entertainment. Following are the various modes for entertainment
over internet.
 o Online Television
o Online Games o
Songs o Videos
o
Social Networking Apps
 Internet allows us to use many services like:
o Internet Banking
o Matrimonial Services
o Online Shopping
o Online Ticket Booking
o Online Bill Payment
o Data Sharing
o E-mail
 Internet provides concept of electronic commerce, that allows the business
deals to be conducted on electronic systems

Disadvantages
However, Internet has prooved to be a powerful source of information in almost
every field, yet there exists many disadvanatges discussed below:
 • There are always chances to loose personal information such as name,
address, credit card number. Therefore, one should be very careful while
sharing such information. One should use credit cards only through
authenticated sites.
• Another disadvantage is the Spamming.Spamming corresponds to the
unwanted e-mails in bulk. These e-mails serve no purpose and lead to
obstruction of entire system.
• Virus can easily be spread to the computers connected to internet. Such virus
attacks may cause your system to crash or your important data may get deleted.
• Also a biggest threat on internet is pornography. There are many pornographic
sites that can be found, letting your children to use internet which indirectly
affects the children healthy mental life.
• There are various websites that do not provide the authenticated information.
This leads to misconception among many people.

2. Describe the Fundamentals of computer networking?

This tutorial will discover the definition of computer networking, its types, computer
networks work, networking concepts, commonly used terms, networking and internet,
how it works, and network topologies.

Computer Network
"A Computer Network is defined as a set of two or more computers that are linked
together?either via wired cables or wireless networks i.e., WiFi?with the purpose of
communicating, exchanging, sharing or distributing data, files and resources."

Computer Networks are built using a collection of hardware (such as routers,

switches, hubs, and so forth) and networking software (such as operating systems,
firewalls, or corporate applications).

Though one can also define the computer networks based on their geographic
location, a LAN (local area network) connects computers in a definite physical
dimension, such as home or within an office.

In contrast, a MAN (Metropolitan area network) connects computers ranging

between multiple buildings in a city.
The Internet is the most significant example of WAN (Wide Area
Network), connecting billions of networking devices across the world.

One can also describe the concept of computer networking by its communicating
protocols, the physical arrangement of its networking elements, how it manages
network traffic, and it's functioning.

Computer networks are globally used by businesses, the entertainment industry,

education in the research field for communication and transferring their data from
source to destination node.

All the other technologies, including the internet, Google search, instant messaging
apps, online video streaming, social media, email, cloud kitchen, cloud data
storage, etc., all exist because of computer networks.

Computer Network Types

Below are the most common computer network types that are frequently used these
days:

o LAN [Local Area Network} o WLAN

[Wireless local area network] o CAN
[Campus Area Network] o MAN
[Metropolitan Area Network] o PAN
[Personal Area Network] o SAN
[Storage Area Network] o VPN [Virtual
Private Network] o WAN [ Wide Area
Network]
1. LAN

LAN or Local Area Network is a group of devices connecting the computers and
other devices such as switches, servers, printers, etc., over a short distance such as
office, home. The commonly used LAN is Ethernet LAN. This network is used as it
allows the user to transfer or share data, files, and resources.

2. MAN

MAN or Metropolitan Area Network is typically a more extensive network when

compared to LANs but is smaller than WANs. This network ranges between several
 buildings in the same city. Man networks are connected via fiber optic cable (usually
high-speed connection). Cities and government bodies usually manage MANs.

3.WAN

WAN or Wide Area Network is the most significant network type connecting
computers over a wide geographical area, such as a country, continent. WAN
includes several LANs, MANs, and CANs. An example of WAN
the Internet, which connects billions of computers globally.

Networking terms and concepts

is

Some of the most commonly used terms in day-to-day networking life are as discussed
below:

1. IP address
An IP address or Internet Protocol is a unique number that represents the address
where you live on the Internet. Every device that is connected to the network has a
string of numbers or IP addresses unlike house addresses.

You won't find two devices connected to a network with an identical IP address. When
your computer sends data to another different, the sent data contains a 'header' that
further contains the devices' IP address, i.e., the source computer and the destination
device.

2. Nodes
A node refers to a networking connection point where a connection occurs inside
a network that further helps in receiving, transmitting, creating, or storing files
or data.

Multiple devices could be connected to the Internet or network using wired or wireless
nodes. To form a network connection, one requires two or more nodes where each
node carries its unique identification to obtain access, such as an IP address. Some
examples of nodes are computers, printers, modems, switches, etc.

3. Routers
A router is a physical networking device, which forwards data packets between
networks. Routers do the data analysis, perform the traffic directing functions on the
network, and define the top route for the data packets to reach their destination node.
A data packet may have to surpass multiple routers present within the network until
it reaches its destination.

4. Switches
In a computer network, a switch is a device that connects other devices and helps in
node-to-node communication by deciding the best way of transmitting data
within a network (usually if there are multiple routes in a more extensive
network).

Though a router also transmits information, it forwards the information only between
networks, whereas a switches forwards data between nodes present in a single
network.

Switching is further classified into three types, which are as follows:

o Circuit Switching
o Packet Switching o Message Switching
 o Circuit Switching: In this switching type, a secure communication path is
established between nodes (or the sender and receiver) in a network. It
establishes a dedicated connection path before transferring the data, and this
path assures a good transmission bandwidth and prevents any other traffic from
traveling on that path. For example, the Telephone network.
o Packet Switching: With this technique, a message is broken into independent
components known as packets. Because of their small size, each packet is sent
individually. The packets traveling through the network will have their source
and destination IP address.
o Message Switching: This switching technique uses the store and forward
mechanism. It sends the complete unit of the message from the source node,
passing from multiple switches until it reaches its intermediary node. It is not
suitable for real-time applications.

5. Ports
A port allows the user to access multiple applications by identifying a connection
between network devices. Each port is allocated a set of string numbers. If you relate
the IP address to a hotel's address, you can refer to ports as the hotel room number.
Network devices use port numbers to decide which application, service, or method is
used to forward the detailed information or the data.

6. Network cable types

Network cables are used as a connection medium between different computers
and other network devices. Typical examples of network cable types are Ethernet
cables, coaxial, and fiber optic. Though the selection of cable type usually depends
on the size of the network, the organization of network components, and the distance
between the network devices.

Computer Networks and the Internet

The Internet is the major example of a WAN, which connects billions of computers
globally. Internet follows standard protocols that facilitate communication between
these network devices. Those protocols include:

1. HTTP (Hypertext Transfer Protocol)

 2. IP (Internet protocol or IP addresses)
3. TCP (Transmission Control Protocol)
4. UDP (User Datagram Protocol)
5. FTP (File Transfer Protocol)

ISPs (Internet Service Providers) NSPs (Network Service Providers) effectively

support the internet infrastructure. The infrastructure allows the transportation of data
packets to the recipient device over the Internet.

Internet is a giant hub of information, but this information is not sent to every
computer connected to the Internet. The protocols and infrastructure are responsible
for managing to share the precise information the user has requested.

Network Topology
"Network topology is defined as the arrangement of computers or nodes of a
computer network to establish communication among all."

A node refers to a device that can transmit, receive, create, or store information. The
nodes are connected via a network link that could be either wired (cables, Ethernet) or
wireless (Bluetooth, Wi-Fi).

To help build a successful network in different situations, topologies are further classified
into several types. Though there are several topologies but in
this tutorial, we will discuss the commonly used ones, which are as
follows:
1. Bus Topology

o A Bus network topology supports a common transmission medium where

each node is directly connected with the main network cable.
o The data is transmitted through the main network cable and is received by all
nodes simultaneously.
o A signal is generated through the source machine, which contains the address
of the receiving machine. The signal travels in both the direction to all the
nodes connected to the bus network until it reaches the destination node.
o Bus topology is not fault-tolerant and has a limited cable length.

2. Ring Topology
 o A Ring topology is a modified version of bus topology where every node is
connected in a closed-loop forming peer-to-peer LAN topology.
o Every node in a ring topology has precisely two connections. The Adjacent node
pairs are connected directly, whereas the non-adjacent nodes are indirectly
connected via various nodes.
o Ring topology supports a unidirectional communication pattern where sending
and receiving of data occurs via TOKEN.

3. Star Topology

o In a Star network topology, every node is connected using a single central

hub or switch.
o

The hub or switch performs the entire centralized administration. Each node
sends its data to the hub, and later hub shares the received information to the
destination device.
o Two or more-star topologies can be connected to each other with the help of a
repeater.
4. Mesh Topology

o In a Mesh topology, every node in the network connection is directly

connected to one other forming overlapping connections between the nodes.
o This topology delivers better fault tolerance because if any network device fails,
it won't affect the network, as other devices can transfer information.
o The Mesh networks self-configure and self-organize, finding the quickest, most
secure way to transmit the data.
o One can forpm a full mesh topology by connecting every single node to another
node in the network. Full mesh is expensive and is only used in the networks,
which demands high data redundancy.
o Another type of mesh topology is partial mesh topology, where only a few
devices are connected, and few are connected to the devices with which they
share the most information. This mesh type is applicable in the networks,
requiring less redundancy or a cost-effective network topology that is easy to
execute.

3. Explain the Types of Network protocols and their uses?

, there are vast numbers of users' communicating with different devices in different
languages. That also includes many ways in which they transmit data along with the
different software they implement. So, communicating worldwide will not be
possible if there were no fixed 'standards' that will govern the way user
communicates for data as well as the way our devices treat those data. Here we will
be discussing these standard set of rules.

Yes, we're talking about "protocols" which are set of rules that help in governing the
way a particular technology will function for communication. In other words, it can
be said that the protocols are digital languages implemented in the form of
networking algorithms. There are different networks and network protocols, user's
use while surfing.

Types of Protocols
There are various types of protocols that support a major and compassionate role in
communicating with different devices across the network. These are:

1. Transmission Control Protocol (TCP)

2. Internet Protocol (IP)
3. User Datagram Protocol (UDP)
4. Post office Protocol (POP)
5. Simple mail transport Protocol (SMTP)
6. File Transfer Protocol (FTP)
7. Hyper Text Transfer Protocol (HTTP)
8. Hyper Text Transfer Protocol Secure (HTTPS)
9. Telnet
10.Gopher
Let's discuss each of them briefly:

1. Transmission Control Protocol (TCP): TCP is a popular communication

protocol which is used for communicating over a network. It divides any
message into series of packets that are sent from source to destination and
there it gets reassembled at the destination.
2. Internet Protocol (IP): IP is designed explicitly as addressing protocol. It is
mostly used with TCP. The IP addresses in packets help in routing them
through different nodes in a network until it reaches the destination system.
TCP/IP is the most popular protocol connecting the networks.
3. User Datagram Protocol (UDP): UDP is a substitute communication protocol
to Transmission Control Protocol implemented primarily for creating
losstolerating and low-latency linking between different applications.
 4. Post office Protocol (POP): POP3 is designed for receiving incoming E-mails.
5. Simple mail transport Protocol (SMTP): SMTP is designed to send and
distribute outgoing E-Mail.
6. File Transfer Protocol (FTP): FTP allows users to transfer files from one
machine to another. Types of files may include program files, multimedia files,
text files, and documents, etc.
7. Hyper Text Transfer Protocol (HTTP): HTTP is designed for transferring a
hypertext among two or more systems. HTML tags are used for creating links.
These links may be in any form like text or images. HTTP is designed on
Client-server principles which allow a client system for establishing a
connection with the server machine for making a request. The server
acknowledges the request initiated by the client and responds accordingly.
8. Hyper Text Transfer Protocol Secure (HTTPS): HTTPS is abbreviated as Hyper
Text Transfer Protocol Secure is a standard protocol to secure the
communication among two computers one using the browser and other
fetching data from web server. HTTP is used for transferring data between the
client browser (request) and the web server (response) in the hypertext
format, same in case of HTTPS except that the transferring of data is done in
an encrypted format. So it can be said that https thwart hackers from
interpretation or modification of data throughout the transfer of packets.
9. Telnet: Telnet is a set of rules designed for connecting one system with
another. The connecting process here is termed as remote login. The system
which requests for connection is the local computer, and the system which
accepts the connection is the remote computer.
10.Gopher: Gopher is a collection of rules implemented for searching, retrieving
as well as displaying documents from isolated sites. Gopher also works on the
client/server principle.
Some Other Protocols
Some other popular protocols act as co-functioning protocols associated with these
primary protocols for core functioning. These are:

• ARP (Address Resolution Protocol)

• DHCP (Dynamic Host Configuration Protocol)
• IMAP4 (Internet Message Access Protocol)
• SIP (Session Initiation Protocol)
• RTP (Real-Time Transport Protocol)
• RLP (Resource Location Protocol)
 • RAP (Route Access Protocol)
• L2TP (Layer Two Tunnelling Protocol)
• PPTP (Point To Point Tunnelling Protocol)
• SNMP (Simple Network Management Protocol)  TFTP (Trivial File Transfer
Protocol)

4. Explain Web Essentials briefly?

Web Essentials:

Server:

The software that distributes the information and the machine where the
information and software reside is called the server.

• provides requested service to client

• e.g., Web server sends requested Web page

The software that resides on the remote machine, communicates with the
server, fetches the information, processes it, and then displays it on the remote
machine is called the client.

•initiates contact with server (“speaks first”)

•typically requests service from server
•Web: client implemented in browser

Web server:
 Software that delivers Web pages and other documents to browsers using the

HTTP protocol Web Page:

A web page is a document or resource of information that is suitable for the

World Wide Web and can be accessed through a web browser.

Website:

A collection of pages on the World Wide Web that are accessible from the
same URL and typically residing on the same server.

URL

Uniform Resource Locator, the unique address which identifies a resource on the
Internet for routing purposes.

Client-server paradigm:

The Client-Server paradigm is the most prevalent model for distributed

computing protocols. It is the basis of all distributed computing paradigms at a higher
level of abstraction. It is service-oriented, and employs a request-response protocol.

A server process, running on a server host, provides access to a service. A

client process, running on a client host, accesses the service via the server
process.The interaction of the process proceeds according to a protocol.

The primary idea of a client/server system is that you have a central repository
of information—some kind of data, often in a database—that you want to distribute
on demand to some set of people or machines. The Internet:
 •Medium for communication and interaction in inter connected network.
• Makes information constantly and instantly available to anyone with a
connection.

Web Browsers

• User agent for Web is called a

browser: o Internet Explorer

Web

• Server for Web is called Web

server: o Apache (public

o MS Internet Information Server

Server:

domain)

Protocol:

Protocols are agreed formats for transmitting

data between devices. The protocol determines:
 i.The error checking required ii.Data
compression method used iii.The way the
end of a message is signaled iv.The way the
device indicates that it has received the
message

Internet Protocol:

There are many protocols used by the Internet and the WWW:
o TCP/IP
o HTTP
o FTP

o Electronic mail protocols IMAP

o POP
TCP/IP

The Internet uses two main protocols (developed by Vincent Cerf and Robert Kahn)
Transmission control protocol (TCP):Controls disassembly of message into packets
at the origin reassembles at the destination
 Internet protocol (IP):Specifies the addressing details for each packet Each
packet is labelled with its origin and destination.

Hypertext Transfer Protocol (HTTP)

• The hypertext transfer protocol (HTTP) was developed by Tim BernersLee

in 1991
•HTTP was designed to transfer pages between machines
• The client (or Web browser) makes a request for a given page and the Server
is responsible for finding it and returning it to the client
•The browser connects and requests a page from the server
• The server reads the page from the file system, sends it to the client and

Electronic Mail Protocols:

• Electronic mail uses the client/server model

terminates the connection.
• The organisation has an email server devoted to handling email o Stores
and forwards email messages

•Individuals use email client software to read and send email o

(e.g. Microsoft Outlook, or Netscape Messenger)
• Simple Mail Transfer Protocol (SMTP) o Specifies format of mail
messages
 • Post Office Protocol (POP) tells the email server to:
o Send mail to the user’s computer and delete it from the server

o Send mail to the user’s computer and do not delete it from the
server o Ask whether new mail has arrived.

Interactive Mail Access Protocol (IMAP)

Newer than POP, provides similar functions with additional features.

o e.g. can send specific messages to the client rather than all the
messages. A user can view email message headers and the
sender’s name before

downloading the entire message.

Allows users to delete and search mailboxes held on the email server.

The disadvantage of POP: You can only access messages from one PC.

The disadvantage of IMAP :Since email is stored on the email server, there is a
need for more and more expensive (high speed) storage space.

World Wide Web: comprises software (Web server and browser) and data
(Web sites).

Internet Protocol (IP) Addresses:

- Every node has a unique numeric address
- Form: 32-bit binary number
 - New standard, IPv6, has 128 bits (1998)

- Organizations are assigned groups of IPs for their computers -

Domain names
- Form: host-name. domain-names
- First domain is the smallest (Google)
- Last domain specifies the type of organization (.com)
- Fully qualified domain name - the host name and all of the domain
names
- DNS servers - convert fully qualified domain names to IPs

HTTP:
Hypertext Transfer Protocol (HTTP) is the communication protocol
used by the Internet to transfer hypertext documents.

A protocol to transfer hypertext requests and information between

servers and browsers

Hypertext is text, displayed on a computer, with references (hyperlinks) to

other text that the reader can immediately follow, usually by a mouse HTTP is behind
every request for a web document or graph, every click of a hypertext link, and every
submission of a form.

HTTP specifies how clients request data, and how servers respond to
these requests.

The client makes a request for a given page and the server is responsible
for finding it and returning it to the client.
 The browser connects and requests a page from the server.

The server reads the page from the file system and sends it to the client and
then terminates the connection

HTTP Transactions

HTTP Message:

HTTP message is the information transaction between the client and server.

Two types of HTTP Message:

1.Requests
a.Client to server
 2.Responses

a.Server to client

Fields
· Request line or Response line
· General header
· Request header or Response header
· Entity header
· Entity body

Request Message:
Request Line:

• A request line has three parts, separated by spaces o a method

name

o the local path of the requested resource o the version

of HTTP being used
 •A typical request line is:
o GET /path/to/file/index.html HTTP/1.1
• Notes:

o GET is the most common HTTP method; it says "give me this resource".
Other methods include POST and HEAD. Method names are always
uppercase

o The path is the part of the URL after the host name, also called the
request URI o The HTTP version always takes the form
"HTTP/x.x", uppercase.

Request Header:
Response Message:
Response Line:

• A request line has three parts, separated by

spaces o the HTTP version,

o a response status code that gives the result of the

request, and o an English reason phrase describing the
status code
• Typical status lines are:
o HTTP/1.0 200 OK or
o HTTP/1.0 404 Not Found
• Notes:
o The HTTP version is in the same format as in the request line,
"HTTP/x.x".

o The status code is meant to be computer-readable; the reason phrase

is meant to be human-readable, and may vary.

HTTP Request Header:

EXAMPLE

HTTP Method:

• HTTP method is supplied in the request line and specifies the operation
that
the client has requested.

Some common methods:

•Options
•Get
•Head
•Post
•Put
•Move
•Delete

Two methods that are mostly used are the GET and
POST: o GET for queries that can be safely
repeated
 o POST for operations that may have side effects
(e.g. ordering a book from an online store).

The GET Method

• It is used to retrieve information from a specified URI and

is assumed to be a safe, repeatable operation by browsers, caches and
other HTTP aware components

•Operations have no side effects and GET requests can be re-issued.

• For example, displaying the balance of a bank account has

no effect on the account and can be safely repeated.

• Most browsers will allow a user to refresh a page that

resulted from a GET, without displaying any kind of warning

• Proxies may automatically retry GET requests if they

encounter a temporary network connection problem.

• GET requests is that they can only supply data in the form
of parameters encoded in the URI (known as a Query String) –
[downside]

Cannot be unused for uploading files or other operations that require large amounts
of data to be sent to the server.

The POST Method

•Used for operations that have side effects and cannot be safely repeated.
 • For example, transferring money from one bank account to
another has side effects and should not be repeated without explicit
approval by the user.

If you try to refresh a page in Internet Explorer that resulted from a POST, it displays
the following message to warn you that there may be side effects:

The POST request message has a content body that is normally

used to send parameters and data

• The IIS server returns two status codes in its response for a POST request
o The first is 100 Continue to indicate that it has successfully
received the POST
request
o The second is 200 OK after the request has been processed.

HTTP response status codes

•Informational (1xx)
•Successful (2xx)
•Redirection (3xx) o 301: moved
permanently
• Client error (4xx)
 o 403 : forbidden o
404: Not
found
• Server error (5xx) o 503: Service
unavailable o 505: HTTP version
not supported
5. Describe client side scripting?

Client side scripting is a process in which the code along with HTML web
page is sent to the client by the server. Here, the code refers to the script.
In other simple words, client side scripting is a process in which scripts are
executed by browsers without connecting the server.
The code executes on the browser of client’s computer either during the
loading of web page or after the web page has been loaded.
Client side scripting is mainly used for dynamic user interface elements,
such as pull-down menus, navigation tools, animation buttons, data
validation purpose, etc.
Today, it is rapidly growing and evolving day by day. As a result, writing
client side web programming is now easier and faster, thereby, reducing
load on the server.
JavaScript and jQuery are by far the most important client-side scripting
languages or web scripting languages and widely used to create a
dynamic and responsive webpage and websites.
The browser (temporarily) downloads the code in the local computer and
starts processing it without the server. Therefore, the client side scripting is
browser dependent.

A client-side script is a small program (or set of instructions) that is

embedded (or inserted) into a web page. It is processed within the client
browser instead of the web server.
The client side script downloads at the client end from the server along
with the HTML web page it is embedded in. The web browser interprets
and executes the code and then displays the results on the monitor.
The script that executes on the user’s computer system is called client. It is
embedded (or inserted) within the HTML document or can be stored in an
external separate file (known as external script).
The script files are sent to the client machine from the web server (or severs)
when they are requested. The client’s web browser executes the script, then
displays the web page, including any visible output from the script. Look

Client side scripts may also have some instructions for the web browser to
follow in response to certain user actions, such as pressing a page button.
They can often be looked if client want to view the source code of web
page.
at the below figure to understand better.
Popular Client side Scripting Language
A language in which a client side script or program is written using syntax is
called client side scripting language or client side programming. The
most popular client side scripting languages is as follows:
1. JavaScript: It is the most widely client side scripting or programming
language. It is based on ECMAScript standard language.
JavaScript is an object based oriented, dynamically typed (or also called
weakly typed) scripting language. It runs directly on the browser with the
help of an inbuilt interpreter.
Here, weakly typed means the variables are easily converted implicitly from
one data type to another.
2. VBScript: This scripting language is developed by Microsoft, based on
the Visual Basic. It is basically used to enhance the features of web pages in
Internet Explorer. VBScript is interpreted by Internet Explorer web browser.
3. jQuery: jQuery is a fast, small, lightweight JavaScript library. It is used to
facilitate a lot of JavaScript code into simple-to-use-functionality. Most of
the biggest companies such as Google, Microsoft, IBM, Netflix, etc. on the
Web are using jQuery language.

Client side Scripting Language Example

Let’s take a very simple example of JavaScript client side script. In this
example, a simple JavaScript client side script will run in the browser to
display the name of cities.
The HTML file located on the server will be the same one sent to the
browser, but JavaScript changes the HTML web page that is loaded in the
browser.
Program code:
<DOCTYPE html>

<html>

<head>

<title>List of cities</title>

<script> function displayCities()

{
 var cities = ["New York", "Dhanbad", "Paris", "London", "Mumbai"];

var ulElement = document.getElementById("cityList");

for(var city in cities)

var listItem = ulElement.appendChild(document.createElement("li"));

listItem.appendChild(document.createTextNode(cities[city]));

</script>

</head>

<body onload = "displayCities()">

<ul id = "cityList"></ul>

</body>

</html>

Look at the below diagram that shows the flow of data between server and
browser.
Application of Client side Scripting
Client side scripting is used to make web pages or website more interactive.
It is primarily used at the frontend, where the user can see using the
browser. Some important applications of client side scripting are listed, as
below:
• To retrieve data from web browser or user’s screen.
• Used in the field of online games.
 • To customize the web page without reloading the page.
• Client side scripting is used for validation purpose. If the user enters
incorrect credentials on the login page, the web page displays an
error message on the client machine without submitting it to the web
server.
• To create ad banners that interact with the user, rather than simply
displaying graphics.
• To create animated images that change when we move the mouse
over them.
• Client side script can be used to detect installed plug-ins and notify
the user if a plugin is required.

Advantage of Client side Scripting

There are several great advantages of client side scripting that are as
follows:
1. The client side scripting language is quite easy to learn and use. It
requires minimum programming knowledge or experienced required.
2. The main advantage of client side scripting is that it is lightweight and
relatively easy to implement (syntax not too complex). The editing and
executing the code is fast.
3. Data processing is done on the client side from the server, which makes
it easier to scale applications with large numbers of users. Thereby, load
on the server reduces.
4. The client side data validation can be possible using the client side
scripting language like JavaScript.
5. The execution of client side script is more quickly because once the script
is downloaded from the server, it is executed by the browser directly on
the user’s computer.
6. Mathematical assessment is also possible using client side scripting.
7. The client side programming helps to perform the complex tasks in
relatively few steps.
8. Script code only executed by the browser without connecting the server.
9. It takes too less time to execute script code.
10. Browser respond immediately when user presses any key, mouse
movement, clicks, etc.

Disadvantage of Client side Scripting

There are certain disadvantages of client side scripting that are as follows:
1. The main disadvantage of client side scripting is that it is unsecure
because the code is sent as is to the client and, therefore, visible to it if the
client looks at the sources of his web page. In short, code is usually visible.
2. Client side programming cannot be used if we need to access
databases or needs to transmit sensitive data over the internet.
3. There is no guarantee that user has enabled JavaScript on his
computer’s browser. Therefore, any required functionality must be loaded
on the server despite the possibility that it could be offloaded.
4. The smooth running of the script (or program) depends entirely on
the client’s browser, its configuration, and security level.
5. The web application based on the heavy JavaScript can be
complicated to debug and maintain.
6. Client side scripting languages are usually more limited in
functionality than server side scripting languages.

Client side Web Attacks

In this section, we will understand web attacks on the client side. They are
as follows:
1. Malicious HTML tags embedded in web request can cause the server
to generate malformed pages. It can be dangerous if run on the server side.
Malformed pages sent back to the client may produce the further problems
if executes on the client side.
2. Malicious code can be sent to the server from the attackers in a
discussion group website. An example of malicious code can be like this:
Hello Group — Here is my message!

<script>Malicious code</script>

If JavaScript is enabled on the victim client’s browser, the browser will run
this code unexpectedly.
3. An attacker can send a file to a client and encourage him to post it to
the server. The file may contain malicious code that can hack the website.
4. When a client visits a website, a small text file called a cookie is often
placed in the client’s computer. At the next visiting, the web server scans
that cookie. If it found on the computer, the attacker can use the cookie
data to trigger the download of malicious code.
5. Tags like <FORM> can trouble if they are inserted at the wrong place.
These HTML tags can change the appearance of the web page.
6. Browsers interpret the information according to the character set
chosen by the client. If the client does not specify the character set, the
web browser uses the default setting, that can display the garbled
appearing or unintended meanings.

General Client side Attack Prevention

There are the following general measures to prevent client side attacks.
They are as follows:
1. Client can use client side scripting to clean up form data before it is
transmitted.
2. Users can turn off JavaScript functions in the browser. It may disable
some web functionality.
3. They should set the security level high in the browser and lower it only
for those users you are sure will not violate that trust.
4. Scan all the files including cookie for viruses to prevent the injection of
malicious code.
5. Client should declare their character set when configuring browsers.