doing things with the Web: where
this tutorial - originally called programming the Web -
discussed the various possibilities of enhancing Web documents and providing
access to data and services not available with static HTML. the four speakers
gave a general overview of different programming technics and how they work.
programming can be done either on the server side or on
the client side.
server side programming:
a WebServer can not only send static HTML documents back to the client, but
its functionality can be extended by the following means:
- server side includes (ssi): this allows the inclusion of
some information into documents sent back to the client. it is a quite trivial
method and does not require any programming. ssi may depend on the brand of the
http server being used.
- common gateway interface (cgi): provides information
about the client and optionally additional data e.g. entered into a form by the
user. this data may be processed either by a shell script or by a program
written in perl, tkl, C or whatever programming language seems to be
there is a proposed new standard called FastCGI
which includes embedded perl and possibly other programming language
interpreters into the http server to speed up the execution of such programs.
- server plug-ins using API: there is no WWW server
API standard yet ! server plug-ins are heavily dependant on the brand of
the http server being used. server APIs provide not only access to data similar
to cgi, but they support what is called staging. plug-ins can
get control over the process of responding to an HTTP request at various stages,
NOTE: currently, the apache server is one of
the most comprehensive WebServers and supports nine different stages.
- URL translation: this may be used for re-direction, proxy
support and even load balancing by referring further processing of an HTTP
request to another server.
- authentication: plug-ins can incorporate various types of
authentication including digest, cookies, kerberos and DCE (Distributed
- authorization: plug-ins may support groups, ACLs and
other authorization mechanism.
- response handler: plug-ins at this stage may return not
only static documents, but may interact with other applications or provide
access to databases etc.
- some WebServer may also support perl and Java plug-ins.
WARNING: no matter what kind of programming method will be used, security
should always be a major concern !
client side programming:
there are basically two types of client side programming: executable
content (such as Java applets) and browsers extensions
(so called plug-ins).
what are the advantages of client side programming ?
- it can reduce the load on the server and on the network
- it takes advantage of the client's resources
- it localizes processing
as an example, the client my validate the various fields of a form before it
gets transmitted over the net. it does not make sense to transfer the contents
of a form across the ocean just to find out that a field was not filled in or
contains an incorrect value. this is a waste of network bandwidth and computing
power on the server.
what are the disadvantages of client side programming ?
- it requires resources on the client
- it reduces portability
- it increases complexity
- it introduces security threats on the client
possible improvements without any programming:
- client side maps
- animated GIFs
- style sheets
- use of helper applications and plug-ins to display additional MIME-types.
but both - helper applications and plug-ins - are hardware and operating system
dependant and my introduce serious portability problems.
possible improvements with little programming:
NOT portable because they are browser dependant
possible improvements with programming:
- Java applets: run a bytecode on a virtual machine in a restricted
- ActiveX: includes controls (similar to Java applets) and scripting (similar
for Web AND non-Web applications. the Java virtual machine makes applets look
controls provide active content and have full access to
system and network resources. they can interact with non-ActiveX applications
and provide full desktop integration. programming tools include Visual C++,
Borland C++ and many more.
security is addressed by authentication (code
signing) and accounting rather than by introducing limitations to the
functionality and capabilities of ActiveX.
there are also other rather odd methods to enhance the appearance of a Web
document, such as absolute positioning or layered HTML. these methods are highly
browser dependant and therefore badly suited for use on the Internet.
this tutorial is available on
to the WWW6 trip report main
08-apr-1997 (ra) /