Server Side Scripts
PHP, JavaScript, Pearl, ASP and TLS/SSL
Descriptions copied from : http://en.wikipedia.org/wiki/Server-side_scripting
Server-side scripting is a technique used in website design which involves embedding scripts in an HTML source code which results in a user's (client's) request to the server website being handled by a script running on the server-side before the server responds to the client's request. Scripts can be written in any of a number of server-side scripting languages that are available
Server-side scripting differs from client-side scripting where embedded scripts, such as JavaScript, are run client-side in a web browser. Server-side scripting is usually used to provide an interface for the client and to limit client access to proprietary databases or other data sources. Server-side scripting also enables the website owner to reduce user access to the source code of server-side scripts which may be proprietary and valuable in itself. The down-side to the use of server-side scripting is that the server website computer needs to provide most of the computing resources before sending a page to the client computer for display via its web browser.
When the server serves data in a commonly used manner, for example according to the HTTP or FTP protocols, users may have their choice of a number of client programs (most modern web browsers can request and receive data using both of those protocols). In the case of more specialized applications, programmers may write their own server, client, and communications protocol, that can only be used with one another.
Programs that run on a user's local computer without ever sending or receiving data over a network are not considered clients, and so the operations of such programs would not be considered client-side operations.
In the earlier days of the web, server-side scripting was almost exclusively performed by using a combination of C programs, Perl scripts, and shell scripts using the Common Gateway Interface (CGI). Those scripts were executed by the operating system, and the results were served back by the web server. Many modern web servers can directly execute on-line scripting languages such as ASP and PHP either by the web server itself or via extension modules (e.g. mod_perl or mod_php) to the web server. For example, WebDNA includes its own embedded database system. Either form of scripting (i.e., CGI or direct execution) can be used to build up complex multi-page sites, but direct execution usually results in less overhead because of the lower number of calls to external interpreters.
Script Languages:
There are a number of server-side scripting languages available, including:
ASP (*.asp)
ActiveVFP (*.avfp)
ASP.NET (*.aspx)
C (*.c, *.csp) via CGI
ColdFusion Markup Language (*.cfm)
Groovy Server Pages (*.gsp)
Java (*.jsp) via JavaServer Pages
JavaScript using Server-side JavaScript (*.ssjs, *.js) (example: Node.js)
Lua (*.lp *.op *.lua)
Perl CGI (*.cgi, *.ipl, *.pl)
PHP (*.php)
R (*.rhtml) - (example: rApache)
Python (*.py) (examples: Pyramid, Flask, Django)
Ruby (*.rb, *.rbw) (example: Ruby on Rails)
SMX (*.smx)
Lasso (*.lasso)
Tcl (*.tcl)
WebDNA (*.dna,*.tpl)
Progress WebSpeed (*.r,*.w)
Secure Network Programming API: TLS/SSL
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communication security over the Internet. A prominent use of TLS is for securing World Wide Web traffic between the website and the browser carried by HTTP to form HTTPS. Notable applications are electronic commerce and asset management.
They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.
No comments:
Post a Comment