
READING MATERIAL


Cross-site scripting. Background. Security on the web is based on a variety of mechanisms, including an underlying concept of trust known as the same origin policy. This essentially states that if content from one site is granted permission to access resources on the system, then any content from that site will share these permissions, while content from another site will have to be granted permissions separately. [citation needed] Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. XSS vulnerabilities have been reported and exploited since the 1990s. Types. There is no single, standardized classification of cross-site scripting flaws, but most experts distinguish between at least two primary flavors of XSS: non-persistent and persistent.

Non-persistent. A reflected attack is typically delivered via email or a neutral web site. Persistent. Search engine optimization. As an Internet marketing strategy, SEO considers how search engines work, what people search for, the actual search terms or keywords typed into search engines and which search engines are preferred by their targeted audience. Optimizing a website may involve editing its content, HTML and associated coding to both increase its relevance to specific keywords and to remove barriers to the indexing activities of search engines.

Promoting a site to increase the number of backlinks, or inbound links, is another SEO tactic. The plural of the abbreviation SEO can also refer to "search engine optimizers", those who provide SEO services. History. Early versions of search algorithms relied on webmaster-provided information such as the keyword meta tag, or index files in engines like ALIWEB. By relying so much on factors such as keyword density which were exclusively within a webmaster's control, early search engines suffered from abuse and ranking manipulation. Relationship with search engines. Dynamic web page. Dynamic web page: example of server-side scripting (PHP and MySQL).

A client-side dynamic web page processes the web page using HTML scripting running in the browser as it loads. JavaScript and other scripting languages determine the way the HTML in the received page is parsed into the Document Object Model, or DOM, that represents the loaded web page. The same client-side techniques can then dynamically update or change the DOM in the same way. DHTML is the umbrella term for technologies and methods used to create web pages that are not static web pages. Basic concepts. Classical hypertext navigation, with HTML or XHTML alone, provides "static" content, meaning that the user requests a web page and simply views the page and the information on that page.

However, a web page can also provide a "live", "dynamic", or "interactive" user experience. There are two ways to create this kind of effect: History. Server-side scripting. Client-side scripting. Example. See also. Joomla. Joomla is a free and open-source content management framework (CMF) for publishing web content. It is built on a model–view–controller web application framework that can be used independently of the CMS. As of February 2014, Joomla has been downloaded over 50 million times.[8] Over 7,700 free and commercial extensions are available from the official Joomla! Extension Directory, and more are available from other sources.[9] It is estimated to be the second most used content management system (CMS) on the Internet after WordPress.[10][11] History. Joomla developers created a website called OpenSourceMatters.org (OSM) to distribute information to users, developers, web designers and the community in general.

Project leader Andrew Eddie wrote a letter[14] that appeared on the announcements section of the public forum at mamboserver.com. In the two weeks following Eddie's announcement, teams were re-organized, and the community continued to grow. Version history. Web development. Web development is a broad term for the work involved in developing a web site for the Internet (World Wide Web) or an intranet (a private network). Web development can range from developing the simplest static single page of plain text to the most complex web-based internet applications, electronic businesses, and social network services. A more comprehensive list of tasks to which web development commonly refers may include web design, web content development, client liaison, client-side/server-side scripting, web server and network security configuration, and e-commerce development.

Among web professionals, "web development" usually refers to the main non-design aspects of building web sites: writing markup and coding. For larger organizations and businesses, web development teams can consist of hundreds of people (web developers). Web development as an industry. Since the commercialization of the web, web development has been a growing industry. Typical areas. Basic. Applet. The word applet was first used in 1990 in PC Magazine.[3] Applet as an extension of other software. Web-based Applets. An applet can also be a text area only, providing, for instance, a cross platform command-line interface to some remote system.[6] If needed, an applet can leave the dedicated area and run as a separate window. However, applets have very little control over web page content outside the applet dedicated area, so they are less useful for improving the site appearance in general (while applets like news tickers[7] or WYSIWYG editors[8] are also known).

Applets can also play media in formats that are not natively supported by the browser.[9] HTML pages may embed parameters that are passed to the applet. Examples of Web-based Applets include:[citation needed] Applet vs. A larger application distinguishes its applets through several features:[citation needed] Applets execute only on the "client" platform environment of a system, as contrasted from "servlet".

Java applet. A Java applet that was created as supplementary demonstration material for a scientific publication.[1] Using applet for nontrivial animation illustrating biophysical topic (randomly moving ions pass through voltage gates).[3] Using a Java applet for computation-intensive visualization of the Mandelbrot set.[4] Sufficient running speed is also utilized in applets for playing nontrivial computer games like chess.[5] NASA World Wind (open source) is a second generation applet[6] that makes heavy use of OpenGL and on-demand data downloading to provide a detailed 3D map of the world. Web access to the server console at the hardware level with the help of a Java applet. Java applets run at very fast speeds comparable to, but generally slower than, other compiled languages such as C++.

Overview. HTML pages may embed parameters that are passed to the applet. Technical information. Similar technologies. Embedding into a web page. Example. <! A Java applet example. Advantages. Web design. Web design encompasses many different skills and disciplines in the production and maintenance of websites. The different areas of web design include web graphic design; interface design; authoring, including standardised code and proprietary software; user experience design; and search engine optimization. Often many individuals will work in teams covering different aspects of the design process, although some designers will cover them all.[1] The term web design is normally used to describe the design process relating to the front-end (client side) design of a website including writing mark up.

Web design partially overlaps web engineering in the broader scope of web development. Web designers are expected to have an awareness of usability and if their role involves creating mark up then they are also expected to be up to date with web accessibility guidelines. History. Web design books in a store. The start of the web and web design. Evolution of web design. End of the first browser wars. ASP.NET. ASP.NET is a server-side Web application framework designed for Web development to produce dynamic Web pages.

It was developed by Microsoft to allow programmers to build dynamic web sites, web applications and web services. It was first released in January 2002 with version 1.0 of the .NET Framework, and is the successor to Microsoft's Active Server Pages (ASP) technology. ASP.NET is built on the Common Language Runtime (CLR), allowing programmers to write ASP.NET code using any supported .NET language. The ASP.NET SOAP extension framework allows ASP.NET components to process SOAP messages. History. After four years of development, and a series of beta releases in 2000 and 2001, ASP.NET 1.0 was released on January 5, 2002 as part of version 1.0 of the .NET Framework.

Characteristics. Directives. Examples. Inline code. <%@ Page Language="C#" %><! Code-behind solutions. The above tag is placed at the beginning of the ASPX file. Source language C#: User controls. Web content management system. A web content management system (WCMS)[1] is a software system that provides website authoring, collaboration, and administration tools designed to allow users with little knowledge of web programming languages or markup languages to create and manage website content with relative ease.

A robust WCMS provides the foundation for collaboration, offering users the ability to manage documents and output for multiple author editing and participation. Most systems use a content repository or a database to store page content, metadata, and other information assets that might be needed by the system. Administration is also typically done through browser-based interfaces, but some systems require the use of a fat client.

A WCMS allows non-technical users to make changes to a website with little training. A WCMS typically requires a systems administrator and/or a web developer to set up and add features, but it is primarily a website maintenance tool for non-technical staff. Capabilities. Web application framework. History. Around the same time, full integrated server/language development environments first emerged, such as WebBase and new languages specifically for use in the web started to emerge, such as ColdFusion, PHP and Active Server Pages. Types of framework architectures. Most web application frameworks are based on the model–view–controller (MVC) pattern.

Model–view–controller (MVC). Push-based vs. pull-based. Three-tier organization. In three-tier organization, applications are structured around three physical tiers: client, application, and database.[7][8][9][10] The database is normally an RDBMS. Framework applications. General-purpose website frameworks. For example, Zend Framework. Discussion forums, wikis and weblogs. For example, WikiBase/WikiWikiWeb. Organizational portals. For example, JBoss Portal or eXo Platform.

Content management systems (CMS). Features. Web template system. Caching. Security. Scaffolding. Ajax. PHP. Scripting language created in 1994. PHP is a general-purpose scripting language geared towards web development.[8] It was originally created by Danish-Canadian programmer Rasmus Lerdorf in 1993 and released in 1995.[9][10] The PHP reference implementation is now produced by the PHP Group.[11] PHP was originally an abbreviation of Personal Home Page,[12][13] but it now stands for the recursive initialism PHP: Hypertext Preprocessor.[14] The standard PHP interpreter, powered by the Zend Engine, is free software released under the PHP License.

PHP has been widely ported and can be deployed on most web servers on a variety of operating systems and platforms.[17] The PHP language has evolved without a written formal specification or standard, with the original implementation acting as the de facto standard that other implementations aimed to follow. History. Early history. <! PHP/FI could be used to build simple, dynamic web applications. PHP 3 and 4. PHP 5. PHP 7. PHP 8. Microsoft Visual Studio. Microsoft Visual Studio is an integrated development environment (IDE) from Microsoft. It is used to develop computer programs for Microsoft Windows superfamily of operating systems, as well as web sites, web applications and web services.

Visual Studio uses Microsoft software development platforms such as Windows API, Windows Forms, Windows Presentation Foundation, Windows Store and Microsoft Silverlight. It can produce both native code and managed code. Microsoft provides "Express" editions of its Visual Studio at no cost. Commercial versions of Visual Studio along with select past versions are available for free to students via Microsoft's DreamSpark program.[7] Architecture. Visual Studio does not support any programming language, solution or tool intrinsically, instead it allows the plugging of functionality coded as a VSPackage. Support for programming languages is added by using a specific VSPackage called a Language Service. Features. Code editor. Debugger.