– A possible solution to the proliferation of different

protocols being used on the Internet Origins

– Tim Berners-Lee at CERN proposed the Web

in 1989

Web Browsers

Browsers are clients – always initiate, servers

react (although sometimes servers require


– Most requests are for existing documents, using

HyperText Transfer Protocol (HTTP)

Web Servers

Provide responses to browser requests, either

existing documents or dynamically built


Uniform Resource Locators

– General form:scheme:object-address

The scheme is often a communications protocol,

such as telnet or ftp

For the http protocol, the object-address is:

fully qualified domain name/doc path

Multipurpose Internet Mail

Extensions (MIME)

– Originally developed for email, Used to specify to the browser the form of a file

returned by the server (attached by the server to

the beginning of the document) / – Form: type/subtype

– Examples: text/plain, text/html, image/gif,


The HyperText Transfer Protocol

– The protocol used by ALL Web communications

Request Phase

– Form:

HTTP methoddomain part of URL HTTP ver.

Header fields

blank line

Message body

– An example of the first line of a request:


Most commonly used methods:

GET – Fetch a document

POST – Execute the document, using the data in


CSSs provide the means to control and

change presentation of HTML documents

– CSS is not technically HTML, but can be

embedded in HTML documents

body {

  background-color: lightblue;


h1 {

  color: white;

  text-align: center;


p {

  font-family: verdana;

  font-size: 20px;


HTML tag: It is the root of the html document which is used to specify that the document is html.


<html> Statements… </html>




        <title>Title of your web page</title


    <body>HTML web page contents </body


AJAX = Asynchronous JavaScript and XML. AJAX is a technique for creating fast and dynamic web pages. AJAX allows web pages to be updated asynchronously by exchanging small amounts of data with the server behind the scene

A Relational database management system (RDBMS) is a database management system (DBMS) that is based on the relational model. An important feature of relational system is that a single database can be spread across several tables. This differs from flat file database in which each database is self-contained in a single table.


JavaScript is a high-level, interpreted programming language that has been widely used since its release in 1995. JavaScript is currently the world’s 11th most popular programming language. JavaScript is commonly used in dynamic web pages to provide extended functionalities such as form submission/validation, interactivity, animations, user activity tracking and more. In order to do this, a JavaScript function is embedded in an HTML page, where it can interact with that page’s Document Object Model (DOM) to perform specific functions. 

One of the most common JavaScript security vulnerabilities is Cross-Site Scripting (XSS). Cross-Site Scripting vulnerabilities enable attackers to manipulate websites to return malicious scripts to visitors.

Another common JavaScript security vulnerability is Cross-Site Request Forgery (CSRF). Cross-Site Request Forgery vulnerabilities allow attackers to manipulate victims’ browsers to take unintended actions on other sites.

The HTML DOM (Document Object Model)

When a web page is loaded, the browser creates a Document Object Model of the page.

The HTML DOM model is constructed as a tree of Objects:

A Web page is a document. This document can be either displayed in the browser window or as the HTML source. But it is the same document in both cases. The Document Object Model (DOM) represents that same document so it can be manipulated. The DOM is an object-oriented representation of the web page, which can be modified with a scripting language such as JavaScript.

Servlets are the Java programs that runs on the Java-enabled web server or application server. They are used to handle the request obtained from the web server, process the request, produce the response, then send response back to the web server. Properties of Servlets : Servlets work on the server-side.

A PHP script is executed on the server, and the plain HTML result is sent back to the browser.

Basic PHP Syntax

A PHP script can be placed anywhere in the document.

A PHP script starts with <?php and ends with ?>:


// PHP code goes here


The default file extension for PHP files is “.php”.

A PHP file normally contains HTML tags, and some PHP scripting code.

Below, we have an example of a simple PHP file, with a PHP script that uses a built-in PHP function “echo” to output the text “Hello World!” on a web page: