User:Zwang18/Writting assignment 1g: Difference between revisions
Line 30: | Line 30: | ||
===Modern framework=== | ===Modern framework=== | ||
[[Image: | The basic task of a modern framework is still generate dynamic response according to the request and corresponding parameters. However, it provides many feature to make the task easier and more secure. | ||
The framework may have build in modules to provide certain task like session management, templating and it may also provide interfaces which allow the server program to communicate with third parties upon user request. Those communication may use protocols other than HTTP(s), like XMPP or SMTP. | |||
Modern framework runs not only at backend, but also at frontend: providing features like DOM management, asynchronous communications and two-way communications. | |||
A modern framework includes protecting mechanism which prevents intruders from accessing the host operating system directly. Only through certain modules or interface can a service program access resources in operation system. therefore it is more secure. | |||
[[Image:web_framwork.JPG]] | |||
==Features== | ==Features== |
Revision as of 21:03, 12 February 2013
Introduction
Web framework is a software framework that is designed to support the development of web applications like dynamic website, web service APIs. It frees developer from lower layer details and provide tools to accelerate the development. A framework usually correspond to one or more languages and types of Database.
Except for standard libraries, web framework often provide libraries for frequently used functions in web applications and hide low level details to the developer. It also has all required protocols well implemented, i.e. HTTP(s) and all supporting protocols. Except the standard library, most web framework will include libraries for frequently used functions and modules by default, like: URL Encoding, HTTP Request header parsing, URL mapping, session module and Database module.
In addition, Template, Caching, Load balance, URL Fetch, DoS Protection, Frontend Channel, Mail, Open Authorization, DOM management, XMPP are also commonly seen features in most modern web framework.
Web application process
Most web applications are based on HTTP(s) protocol, where client and server uses Request-Response method to exchange information. In a typical round, client sends information encoded into a HTTP request header, server will respond with a HTML page, Json or XML data. The response is usually real-time generated based on the request.
Usually server only respond to requests and is not able to start a connection to client, unless certain hack like Javascript Channel is used.
Static
The static server is a direct implementation of HTTP protocol. In such model, every request corresponds to a file on server, the server daemon fetch the correspond file and send the file directly to client as is.
Therefore, as its name indicates, the response content is not dynamically generated.
CGI and PHP
CGI (Common Gateway Interface) and PHP (Hypertext Preprocessor) are naive implementation of dynamic web server. The response content are dynamically generated according to input parameters which is sent to server with the request header.
In this way, the server can customize the response based on the request parameters and client information.
These kind of web framework have a simple script interpreter or compiled server program in order to generate the response. However such framework only provides an executable environment for the response generator, usually without further functions.
Furthermore, these interpreter or program usually don't have strong protection or isolation from the operating system. That means the input parameters must be examined very carefully, otherwise an intruder may able to execute any command with the privilege of the interpreter or server program.
Modern framework
The basic task of a modern framework is still generate dynamic response according to the request and corresponding parameters. However, it provides many feature to make the task easier and more secure.
The framework may have build in modules to provide certain task like session management, templating and it may also provide interfaces which allow the server program to communicate with third parties upon user request. Those communication may use protocols other than HTTP(s), like XMPP or SMTP.
Modern framework runs not only at backend, but also at frontend: providing features like DOM management, asynchronous communications and two-way communications.
A modern framework includes protecting mechanism which prevents intruders from accessing the host operating system directly. Only through certain modules or interface can a service program access resources in operation system. therefore it is more secure.
Features
supporting functions (Database interface, Session management, Load balance)(, )
Security
Frameworks
Google Appengine web.go
Backend
Types
CMS
Plug-ins
MVC
3-Tiers
Push-based vs. pull-based
languages
Shell Script
Java
Python
Go
Web.go Google Appengine