User:Zwang18/Writting assignment 1g: Difference between revisions

Introduction

Web framework is a software framework that is designed to support the development of web applications like dynamic website, web service APIs. It frees developer from lower layer details and provide tools to accelerate the development. A framework usually correspond to one or more languages and types of Database.

Except for standard libraries, web framework often provide libraries for frequently used functions in web applications and hide low level details to the developer. It also has all required protocols well implemented, i.e. HTTP(s) and all supporting protocols. Except the standard library, most web framework will include libraries for frequently used functions and modules by default, like: URL Encoding, HTTP Request header parsing, URL mapping, session module and Database module.

In addition, Template, Caching, Load balance, URL Fetch, DoS Protection, Frontend Channel, Mail, Open Authorization, DOM management, XMPP are also commonly seen features in most modern web framework.

Web application process

Most web applications are based on HTTP(s) protocol, where client and server uses Request-Response method to exchange information. In a typical round, client sends information encoded into a HTTP request header, server will respond with a HTML page, Json or XML data. The response is usually real-time generated based on the request.

Usually server only respond to requests and is not able to start a connection to client, unless certain hack like Javascript Channel is used.

Static

The static server is a direct implementation of HTTP protocol. In such model, every request corresponds to a file on server, the server daemon fetch the correspond file and send the file directly to client as is.

Therefore, as its name indicates, the response content is not dynamically generated.

CGI and PHP

CGI (Common Gateway Interface) and PHP (Hypertext Preprocessor) are naive implementation of dynamic web server. The response content are dynamically generated according to input parameters which is sent to server with the request header.

In this way, the server can customize the response based on the request parameters and client information.

These kind of web framework have a simple script interpreter or compiled server program in order to generate the response. However such framework only provides an executable environment for the response generator, usually without further functions.

Furthermore, these interpreter or program usually don't have strong protection or isolation from the operating system. That means the input parameters must be examined very carefully, otherwise an intruder may able to execute any command with the privilege of the interpreter or server program.

Modern framework

The basic task of a modern framework is still generate dynamic response according to the request and corresponding parameters. However, it provides many feature to make the task easier and more secure.

The framework may have build in modules to provide certain task like session management, templating and it may also provide interfaces which allow the server program to communicate with third parties upon user request. Those communication may use protocols other than HTTP(s), like XMPP or SMTP.

Modern framework runs not only at backend, but also at frontend: providing features like DOM management, asynchronous communications and two-way communications.

A modern framework includes protecting mechanism which prevents intruders from accessing the host operating system directly. Only through certain modules or interface can a service program access resources in operation system. therefore it is more secure.

Features

One of the advantages of using a web framework is that most frequently used features are already implemented and can be used easily through pre-defined interfaces.

Database

Most web framework have database module which allow the server program to provide persistent storage to data. This is considered a basic feature that should be provided by a web framework.

It is important to store and query data on server so that the response is not uniquely depend on the corresponding request. The response can now be generated upon previous session content even session between the server and other clients.

Session management

Session management is another basic feature in web framework.

HTTP protocol is designed to be stateless which makes it hard to track a client's identity. Therefore, without Session management, the server cannot provide continuous user-specific service, because the server cannot keep the client identity between requests.

Session also provide a temporary memory storage between associated requests. It is much faster and cheaper to store temporary data using session modules instead of database.

Channel

A channel can provide a persistent connection between client and server, allowing the client to send messages to JavaScript runs in client browser in real time without the use of polling.

This is useful for applications that are designed to update the user about new information immediately or where user input is immediately broadcast to other users. Without channel feature, the only way to do so may be client explicitly polling the server which results in high latency and high server load.

Load Balance and Data Synchronize

Some web framework like Google Appengine are designed to work on multiple servers. Hence it becomes important to balance loads between servers and synchronize data between servers.

These kind of web framework often have

Security

Frameworks

Google Appengine web.go

Backend

Types

CMS

Plug-ins

MVC

3-Tiers

Push-based vs. pull-based

languages

Shell Script

Java

Python

Go

Web.go Google Appengine

VB Script

Ruby

Javascript

Frontend

jQuery

ExtJS

Prototype

Database

SQLite

MySQL

Cloud SQL

BigTable

mongoDB