Dynamic Web Pages

Info 253: Web Architecture
Kay Ashaolu

Review

URL

HTTP

curl -v "https://www.google.com/"

*   Trying 172.217.4.132...
* TCP_NODELAY set
* Connected to www.google.com (172.217.4.132) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate: www.google.com
* Server certificate: Google Internet Authority G2
* Server certificate: GeoTrust Global CA
> GET / HTTP/1.1
> Host: www.google.com
> User-Agent: curl/7.54.0
> Accept: */*

HTTP

< HTTP/1.1 200 OK
< Date: Thu, 05 Oct 2017 12:19:28 GMT
< Expires: -1
< Cache-Control: private, max-age=0
< Content-Type: text/html; charset=ISO-8859-1
< P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
< Server: gws
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Set-Cookie: NID=113=I4RF80L1QA2k8c_-n_D_n6FuFF5VK0I2PgYxoJQEMT7qdSSGazDeYfMDYgrAmZ3x-3Z_MGSvCrl8IvI2DM70SsAZKZcdF25qwkthJQjdh4P75ucHUZ8HY5wDprcJmLsr; expires=Fri, 06-Apr-2018 12:19:28 GMT; path=/; domain=.google.com; HttpOnly
< Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
< Accept-Ranges: none
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< 

...

Protocols and State

  • State: Associated information
  • Stateful: Interpretation depends on history of actions
  • Stateless: Commands cannot access history

Telephone Protocol

  • Bank: must identify yourself for each request
  • Family: can instantly recognize you, resume conversation where it left off

SSH/Terminal is Stateful

  • Relative directories depend on previous cd commands
  • Interactive sessions
  • Don't have to resend login information each command

HTTP is Stateless

  • Must specify full context each request
    • Absolute path
    • Hostname
    • Cookies*
    • Current request doesn't depend on history
    • Even on open connections, actual commands are stateless

HTML over HTTP

<img src="img/raptor-genie.jpg">

  • Relative or absolute?
  • How does the browser request this image?

Paths in HTML & HTTP

  • HTTP: Absolute paths
  • HTML: Absolute or relative paths
  • Browser: Translates relative paths with current URL + relative

Stateless Trade-offs

  • State requires space and coordination
  • State inherent in many applications
    • So it must be handled by client
    • Most common: authentication

Authentication

  • What user is making the request?
  • Should the server "remember" who is making the request?
  • No! Browser will always send authorization information

Application State

  • Just because the protocol is stateless
  • doesn't mean the application can't be stateful
  • Information about user stored, explicitly transmitted

Static vs. Dynamic Web Page

  • Static web pages are files that don't change
  • Dynamic web pages get generated by the server
  • Dynamic is an overloaded term

Trade-offs

  • Static pages can be read off disk quickly
  • Static pages can be served out of RAM even faster
  • Dynamic pages can change
  • Dynamic pages may use less space

But why should resources change?

  • Your "own" profile page
  • Updates (new reviews, activity feed)
  • Permissions
  • External data source

Example: Craigslist

  • Every ad has a page
  • Users can create and remove ads
  • Ad pages have text, pictures, etc.

Static Serving

Dynamic Serving

Requirements

  • The data will be frequently modified by the user
  • Must serve pages as cheaply as possible
  • Must be able to copy pages to another server
  • Designers must iterate on site design
  • Like Wikipedia, must create links to new pages in old

What is done in industry?

  • Both!
  • Data stored in a database
  • When users request page, generate it
  • But also cache it!
  • So the next time, it can be served like a file

CSS and JavaScript

  • Still static
  • Fairly rare that those assets are dynamically generated
  • Exception: some images

Questions?