5032+Summary.pdf - 5032 Summary Week1 Internet Application Development HTTP History How was the internet originally developed It was a US military

5032+Summary.pdf - 5032 Summary Week1 Internet Application...

This preview shows page 1 out of 11 pages.

You've reached the end of your free preview.

Want to read all 11 pages?

Unformatted text preview: 5032 Summary Week·1 Internet Application Development HTTP History(大概看一下) How was the internet originally developed? It was a US military sponsored project that was then (much later) opened to commercial applications The main problem with the HTTP protocol version 1.0 No persistent connections Which of the following are valid HTTP request commands? PUT, GET, POST, DELETE, CONNECT, HEAD, TRACE IBM’s rule of 10’s A problem that cost $1 to fix in: Design, costs $10 to fix in development and $100 in deployment The customer is the expert in the application that is being developed. Security issues is the problems associated with CGI programmes Design(会背) Where should we start when developing a new application By design (Plan the application) Waterfall This model assumes that the steps can be completed sequentially and that there will never be a need to re-­‐visit a phase once it is complete Rigid structure Need to be specified fully and accurately from the start Planning, analysis, design creation, implementation and maintenance. Agile Promotes rapid and iterative development, Based on feedback from the client, Break down the system into builds which contain specific functions, and these builds are then fully developed and delivered to the client. 1.Colors schemes Use variations in hue and saturation on one segment of the color wheel 2.Analogous schemes Use variations in hue and saturation on adjacent segments of the color 3.Complementary color schemes Use variations in hue and saturation on segments 180 degrees opposite each other of the color wheel. Usability Navigation Flexibility and Efficiency Visual Clarity Feedback Error prevention Consistency Familiarity In terms of the Flow Bohl usability guidelines, the navigation is the most important for the normal user. Lifecycle The webpage with (client side) JavaScript lifecycle (traditional) • Write the page/code • Client requests page/code • Page rendered • Code executes on client The webpages with (client side) JavaScript lifecycle (modern) • Write the page/code • Client requests page/code • Code executes on client • Page rendered Hints: Modern JavaScript client code is normally used in this manner; the JavaScript code rewrites the web page and it is then rendered again. Lifecycle of HTML Application When a client request a page from web server, the web server Read the request from the browser Finds the page on the server Sends the page back across the internet to the requesting client For PHP and ASP.NET When a client request a page from web server, the web server Read the request from the browser Passed to appropriate engine Creates the HTML output Sends the page back across the internet to the requesting client PHP, ASP.NET Benefits Universal browser readability User platform independence Protection of source code Drawback Increased network traffic Increased server load ASP.NET: Allow the development of dynamic web pages Week 2 HTML, ASP HTML form limitations HTML forms is that they lack the capability to actually process data collected via a form, generally need other technology must be used in conjunction with the form to process the data (like action, method”) Type of ASP.NET Server Controls HTML Server Controls Web controls ASP Server Control Categories Standard -­‐Basic controls such as button, links, images, lists Validation -­‐used to validate data input by users Navigation -­‐navigation features, such as Menus, allow user to navigate around web site Data -­‐provide access to data sources such as databases or XML files Login -­‐Provide a login mechanism for users to gain access to a site Server Control properties(大概知道) Accesskey BackColor/ForeColor CssClass Event handler: A block of code that executes in reaction to a specified event. _ViewState hidden field • ASP field for maintaining the state of the form • This is used to overcome some of the limitations of the stateless HTTP protocol • Problem with traditional ASP web applications and the _VIEWSTATE hidden field A large amount of data is passed to and from the server in each page refresh. Why server side event processing was implemented: Security can be maintained by ensuring all events are processed on the server Why does ASP.NET have a reduced set of events compared to client side JavaScript? Performance issues associated with some client side events Week 3 Introduction to ASP.NET MVC MVC PATTERN Model: A class or set of classes that describes all the business logic and additionally handles data access for an application. Also contains code that defines its relationship with other modes, defines the data validation rules to be used when adding or updating data. Controller: Controls the application flow or logic of the application, controller logic decides what response is to be generated Controller logic normally contains calls to models to access data, and other functionalities like access control checks Controller passes the response to the view. View Is the outputs or responses that are sent back to the user once a request is processed, consist of markup (html) code with embedded.NET code. In An ASP.Net MVC application The URL is used by the controller to call the relevant Action and view And has three segments: for example :/Product/Details/3, each represents Controller = Product, Action = Details, Id = 3. In an MVC application, how is the home/index view automatically loaded The default route uses the home control and the index action, because the default (empty url) is mapped to the home controller and index action as shown above. Master Pages vs Layouts Razor views use a layout to determine their look and feel 5 feature of a layout page Used to link a controller and action inserted into an MVC application @HtmlActonLink(“Home”,”Index”,”Home”) • link text • action-­‐the name of the controller method which will be called by this link • Controller-­‐ the name of the controller @RenderSection (“content”, required: false) renders the content section of the View file, not mandatory to have such a named section @RenderBody () renders any content not within a named section @Scripts.Render() add the JavaScript references to the file @Styles.Render() add the stylesheet references In an MVC application, how is the home/index view automatically loaded The default route uses the home controller and the index action How is a link to a controller and action inserted into an MVC application Using the html helper action link In an ASP.Net MVC application, where can the jQuery JavaScript files be included • Rendered as a script bundle: @Scripts.Render(“~/bundles/jquery”) • Rendered as a script file: (“~/scripts/jquery.js””) • Included as a script file: <script type=’text/JavaScript’ src=’Scripts/jquery.js’/> JQuery ui css styles can be added to an ASP.Net MVC application using • A style render @Styles.Render(“~/Content/JQuery-­‐ui.css”) • A style bundle @Styles.Render(“~/Content/themes/base/css”) • An HTML stylesheet link <link href=”~/Content/themes/jquery.ui.all.css rel=”stylesheet type=text/css/> In a razor view engine application the layout.cshtml is like the Master page The @Renderbdy shows where the section marked as noting will be rendered Why is the autogenerated code “/* id = item.Primarykey commentend out If uncommented, the edit and update options can be a security issue What database can be used in an MVC application? ORM/ADO.Net database The advantages of designing the database first rather than the code • Auto generation of models from the database. • Auto generation of code from the model Why should the database design including adding foreign keys linking tables be done before application development? • Additional code implementing interaction between the tables can be automatically generated • Additional features linking the data model can be automatically generated Code First vs Database First Traditionally-­‐ • Code first • Update code (and model) and automatically update database • Often drop and recreate though Database First-­‐ • Can be easier to manage • Update Database and automatically update model • Then update code Week 6 Email and file upload Does the asp.net email functionality use a built in mailserver (in IIS) NO, it uses a mail client and an external Mail Server What use is the display name field in the asp.net It allows the details to be displayed in email clients(as well as the email address) What would cause ASP.NET to fail when sending an email The mail Server is not available The main advantage of server side email functionality Better quality of service as can be instantaneous 24/7 Better confidentiality as automated No need to employ people to email information to clients/customers Why it is important to set a maximum file upload size One way to stop a file upload attack on the server Why is it a good idea to restrict the files uploads to the expected types • Some code may not work if the correct files types are not used • The expected file types are uploaded • To stop an attack, such as uploading .aspx files with malicious code. Why are listing of directory contents and file contents normally considered risking in terms of security User can see if there are any exploits What does the built-­‐in data binding of AngularJS provide Bi-­‐directional data binding from user input(view) to model and model to view Week 7 AngularJS Single Page Applications Allow al functionality to be in one page HTML page, JavaScript, Css loaded on first page load Dynamic (ajax)interaction with the server Retrieves data from web service ( normally) User interface control moves from server to the client What is the view template language of AngularJS HTML What are the 3 major parts of the AngularJS framework Ng-­‐app:defines and links an AngularJS application to HTML ng-­‐model: binds the values of AngularJS application data to HTML input controls ng-­‐bind: binds the AngularJS Application data to HTML tags. AngularJS Features • Built in data binding -­‐Bi-­‐directional data binding, from model to view and view to model • HTML as template language for views • User interface model and control controller handled by the Browser -­‐No need to contact server for these UI based updates -­‐New views can be rendered without server interaction Which part of an asp.net MVC application allows the loading of AngularJS SPA at startup ? The view What was the initial driver for the popularity of Client side JavaScript frameworks Browser compatibility issues Which of the following is a client side JavaScript framework? BackboneJS AngularJS ReactJS EmberJS How would the same single page ASP application be implemented using MVC technology? • Add a configuration module • Add an app module • Add a router module • Add an action and view • Modify the the viewstart.cshtml file, so MVC will load views without using the _layout.cshtml file by default • Update the layout navigation links to match related the URL WEEK8 Validations Why are asp.net validators used in web applications To ensure data quality and integrity Why do we have Required Field Validators? There are some fields that can’t be null/empty Why do we have range Validators? Some data must be between a certain range of values Why do we have compare validators? • To improve data quality in web applications • To check two input fields are consistent • To check one input field against a given value Why do we have regular expression validators? Complex patterns can’t be checked using other validators such as compare validators Why do we have custom validators? To create specific validation code that can’t easily be done using normal validators Week9 Web Optimisation What is web optimisation Way to increase the web application speed Which of the following will not reduce the number of http requests? Minifying JavaScript files Reduce the number of http requests Combining CSS FILES into one large file Combining icons into one large image Combining a banner animation into one file Combining JavaScript files into the large file Which of the following will not reduce the size (in bytes) of an image file Zipping up a fully compressed .png file Reduce the size of an image file Applying lossy(.jpeg) compression Applying lossless (.png) compression What does minify do Removes while space characters (tabs and line breaks) What does uglify do Change large variable and function names to smaller names Week 10 Security ASP.NET MVC Security Require users to log in to the website Require username and password Some application use role based authentication Account information stored file system or database What is the most secure way of storing passwords? Salting and hashing What is Cross site scripting attack? When Scripts are submitted to your site (potentially executing) What is cross site request forgery? When another site submits malicious input to your site Week 11 Which of the following hosting methods requires the most IT administration from the Application owner? IIS server and sql server servers Which of the following hosting methods requires the least it administration from the Application owner Cloud based IIS and SQLServer service hosting What is the normal sequence of test and development in the cloud Develop, test locally, test on cloud, publish ...
View Full Document

  • One '17

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture