Sami Ullah Saleem
Posted on July 21, 2023
- HTTP vs HTTPS: *HTTP (Hypertext Transfer Protocol) * is the standard protocol used for communication between a web browser and a web server. It is not secure, meaning the data transmitted over HTTP is not encrypted, making it vulnerable to interception and tampering by attackers. On the other hand, HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP. It uses encryption protocols such as SSL (Secure Sockets Layer) or TLS (Transport Layer Security) to secure the communication between the web browser and the web server. HTTPS is identified by "https://" in the URL and ensures that data transmitted is encrypted and secure.
2. UDP vs TCP:
*UDP (User Datagram Protocol) and TCP (Transmission Control Protocol) * are both transport layer protocols used to transmit data over a network. The main differences between them are:
UDP: Provides connectionless communication and is often used for real-time applications such as video streaming, online gaming, and VoIP. It is faster but less reliable since it does not guarantee data delivery, and packets may arrive out of order or be lost.
TCP: Provides reliable, connection-oriented communication. It ensures that data packets are delivered in the correct order and without loss. TCP uses a three-way handshake to establish a connection between the sender and receiver before data transmission.
DNS (Domain Name System):
DNS is a system used to translate human-readable domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1) that computers can understand. When you enter a URL in your browser, the browser sends a DNS query to a DNS server, which returns the corresponding IP address. This IP address is then used to establish a connection with the appropriate web server.
Request Life Cycle:
The request life cycle refers to the process of how a web server handles a request from a client (usually a web browser). It typically involves the following steps:
a. DNS Resolution: The client resolves the domain name to an IP address using DNS.
b. Connection Establishment: The client establishes a TCP connection with the web server.
c. Request Handling: The client sends an HTTP request to the server, including the requested resource, method (GET, POST, etc.), and other headers.
d. Server Processing: The web server receives the request, processes it, and generates an appropriate response.
e. Response Sending: The server sends the response back to the client over the established TCP connection.
f. Browser Processing: The client (browser) receives the response and renders the web page or handles the data as required.
HTTP Request Types (GET, POST, PUT, etc.) and their Differences:
HTTP supports various request methods, each serving different purposes:
GET: Used to request data from the server. Parameters are sent in the URL, making it visible and limited in length. It is generally used for fetching data.
POST: Used to send data to the server in the request body. It is suitable for submitting forms or sending large amounts of data securely.
PUT: Used to update or replace existing data on the server with the data sent in the request body.
DELETE: Used to request the removal of a resource on the server.
PATCH: Used to apply partial modifications to a resource.
HEAD: Similar to GET but only retrieves the response headers, not the actual data.
OPTIONS: Used to request information about the communication options available for a resource.
Application Server vs. Web Server:
Web Server: A web server is responsible for handling HTTP requests from clients (browsers) and returning static content like HTML, CSS, and images. It manages the basic HTTP protocol, serves static files, and may support server-side includes. Examples include Apache HTTP Server and Nginx.
Application Server: An application server handles dynamic content and business logic. It interprets server-side code, interacts with databases, and generates dynamic HTML or other content to be sent to the client. Application servers are used to support web applications and APIs. Examples include Tomcat, Node.js, and Microsoft IIS.
How Encryption Works vs. How Hashing Works:
Encryption: Encryption is the process of converting plain text into a scrambled, unreadable form called ciphertext using an encryption algorithm and an encryption key. The recipient can decrypt the ciphertext back into the original plaintext using a decryption key. Encryption is used to secure data during transmission (e.g., HTTPS) and storage to prevent unauthorized access.
Hashing: Hashing is a one-way process of converting input data (any size) into a fixed-size string of characters using a hash function. The resulting output, called a hash value or hash code, is unique to the input data. Unlike encryption, hashing is not reversible, meaning you cannot convert the hash value back into the original data. Hashing is commonly used for data integrity checks, password storage, and digital signatures.
**
HTTP Headers:**
HTTP headers are additional pieces of information sent by the client or server in the request or response messages. They provide metadata about the request or response and allow clients and servers to pass various instructions, control caching behavior, enable CORS (Cross-Origin Resource Sharing), and set cookies, among other functionalities. Some common HTTP headers include "User-Agent," "Content-Type," "Accept," "Authorization," "Cache-Control," and "Location."
Comment Headers:
"Comment headers" is not a standard term in web development or HTTP. It is possible that this refers to custom headers added to HTTP requests or responses for documentation purposes or additional information specific to an application or system.
Above Average Topics:
SSL/HTTPS Encryption and Handshake:
SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols used to secure communications over a computer network. HTTPS, as mentioned earlier, is the implementation of HTTP over TLS/SSL.
The SSL/TLS handshake is the process of establishing a secure connection between a client (e.g., web browser) and a server. The handshake involves the following steps:
a. Client Hello: The client sends a "Client Hello" message to the server, containing supported cryptographic algorithms and other information.
b. Server Hello: The server responds with a "Server Hello" message, selecting the best cipher suite and providing its digital certificate (which includes the server's public key).
c. Certificate Exchange: The client verifies the server's certificate against a trusted Certificate Authority (CA) to ensure the server's authenticity.
d. Key Exchange: The client generates a random pre-master secret, encrypts it using the server's public key, and sends it to the server. Both client and server then derive the master secret from this pre-master secret.
e. Session Key Generation: Both client and server independently generate session keys from the master secret, which will be used for encryption and decryption during the session.
f. Encrypted Communication: The client and server exchange messages encrypted using the session keys, establishing a secure channel for further communication.
Nameservers:
Nameservers are part of the Domain Name System (DNS) infrastructure and are responsible for translating domain names into IP addresses. When you enter a domain name into a browser, the browser queries a nameserver to obtain the IP address associated with that domain. There are two types of nameservers: authoritative nameservers and recursive/resolver nameservers.
Authoritative Nameservers: These nameservers hold the official records for specific domains. They store information about the IP addresses of the servers associated with a domain.
Recursive/Resolver Nameservers: These nameservers are used by clients (e.g., browsers) to resolve domain names. They recursively query authoritative nameservers to find the IP address associated with a given domain.
Understanding SSL/HTTPS encryption, HTTP handshake, and the role of nameservers is valuable knowledge for web developers and administrators, as it helps ensure secure communication and proper functioning of web applications.
Django
Django is an open source web development framework. It's built on Jazz philosophy. It means it's free and open source.
Django also provides an optional administrative create, read, update and delete interface that is generated dynamically through introspection and configured via admin models. It provides you serialization, Caching, middleware, web server for testing, MVT architecture which is based on basically MVC and an interface to built python built in unit test. The main goals of python is simplicity, flexibility, reliability, and scalability. DRY philosophy — Don’t Repeat Yourself — which means developers can reuse existing code and focus on the unique one.
**
What You Can Do with Django **
You can build ecommerce application, financial applications, face matching applications and many more.
Summary,
Django is a great addition to projects that need to handle large volumes of content (e.g., media files), user interactions or heavy traffic, or deal with complex functions or technology (e.g., machine learning). Yet it is simple enough for smaller-scale projects, or if you intend to scale your project to a much higher level. That’s why Django is used by so many companies that vary in size and goals.
Loose Coupling means that your code should be modular and less dependent on other modules or dependencies.
Django Philosophy
In Templates, avoid repetition, make it simple, using dynamic engine or interpolation for creating templates.
In Model, you should not assume things or characteristics. You should have good knowledge of the requirements.
In View, it should be simple. Handle GET POST requests and should have loose coupling.
In all cases, explicit is better than implicit, Simplicity, consistency, and best practices should be in mind.
Posted on July 21, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.