Web

Applications
Technologies
CYB 236
Web Applications Technologies
 What Is Web Application?
 HTTP protocol.
 Coding designs and architectures.
 REST API
 JavaScript
 XML
 JSON
REST APIs
REST stands for Representational State Transfer, which is a fancy way of defining an API that has a few
unique behaviors:

It must be separate from the client

• REST APIs are designed for building highly scalable, but simple, web applications. Separating the client from the API
but following a strict API structure makes it easy for the client application to request resources from the API without
being able to make calls to a database or perform server-side logic itself.
It must be stateless
• By design, REST APIs only take inputs and provide outputs. The APIs must not store any state regarding the client’s
connection. This does not mean, however, that a REST API cannot perform authentication and authorization—instead,
authorization should be tokenized and sent on every request.
It must be easily cacheable
• To properly scale a web application delivered over the internet, a REST API must be able to easily mark its responses
as cacheable or not. Because REST also includes very tight definitions on what data will be served from what endpoint,
this is actually very easy to configure on a properly designed REST API. Ideally, the caches should be
programmatically managed to not accidentally leak privileged information to another user.
Each endpoint should define a specific object or method
• Typically these are defined hierarchically; for example, /moderators/joe/logs/12_21_2018. In doing so, REST APIs can
easily make use of HTTP verbs like GET, POST, PUT, and DELETE. As a result, one endpoint with multiple HTTP
verbs becomes self-documenting.
REST APIs

 Want to modify the

moderator account “joe”?
Use PUT /moderators/joe.
Want to delete the
12_21_2018 log? All it
takes is a simple
deduction: DELETE
/moderators/joe/logs/12_21
_2018.
 Because REST APIs follow a
well-defined architectural
pattern, tools like Swagger
can easily integrate into an
application and document
the endpoints so it is easier
for other developers to pick
up an endpoint’s intentions
as shown in the figure
REST APIs

 In the past, most web applications used

Simple Object Access Protocol (SOAP)-
structured APIs. REST has several
advantages over SOAP
 Requests target data, not functions
 Easy caching of requests
 Highly scalable
 Furthermore, while SOAP APIs must
utilize XML as their in-transit data
format, REST APIs can accept any data
format, but typically JSON is used.
 JSON is much more lightweight (less
verbose) and easier for humans to read
than XML, which also gives REST an
edge against the competition.
 JavaScript is a programming language that
is one of the core technologies of the

JavaScript World Wide Web, alongside HTML and CSS.

As of 2023, 98.7% of websites use JavaScript

on the client side for webpage behavior.

All major web browsers have a dedicated

JavaScript engine to execute the code on
users' devices.

JavaScript is a high-level, often just-in-time

compiled language that conforms to the
ECMAScript standard.

JavaScript engines were originally used only

in web browsers but are now core
components of some servers and a variety
of applications. The most popular runtime
system for this usage is Node.js.
XML
Extensible Markup Language (XML) is a markup language and
file format for storing, transmitting, and reconstructing
arbitrary data.
It defines a set of rules for encoding documents in a format
that is both human-readable and machine-readable.

The design goals of XML emphasize simplicity, generality,

and usability across the Internet.

It is a textual data format with strong support via Unicode for

different human languages.

Although the design of XML focuses on documents, the

language is widely used for the representation of arbitrary
data structures such as those used in web services.
Several schema systems exist to aid in the definition of XML-
based languages, while programmers have developed many
application programming interfaces (APIs) to aid the
processing of XML data.
 Benefits of using XML

Support Maintain data Improve search Design flexible

interbusiness integrity efficiency applications
transactions
When a company XML lets you Computer programs With XML, you can
sells a good or transfer data along like search engines conveniently
service to another with the data’s can sort and upgrade or modify
company, the two description, categorize XML files your application
businesses need to preventing the loss more efficiently and design. Many
exchange of data integrity. precisely than other technologies,
information like You can use this types of especially newer
cost, specifications, descriptive documents. For ones, come with
and delivery information to do example, the built-in XML
schedules. With the following: word mark can be support. They can
Extensible Markup • Verify data either a noun or a automatically read
Language (XML), accuracy verb. Based on XML and process XML
they can share all • Automatically tags, search data files so that
the necessary customize data engines can you can make
information presentation for accurately changes without
electronically and different users categorize mark for having to reformat
close complex • Store data relevant search your entire
deals automatically, consistently across results. Thus, XML database.
without any human multiple platforms helps computers to
intervention. interpret natural
language more
efficiently.
Components of an XML file

Text editors like Notepad or Notepad++

Create or Online XML editors
edit an XML
Web browsers
The <xml></xml> tags are used to mark the beginning and end of an
XML XML file. The content within these tags is also called an XML
document document. It is the first tag that any software will look for to process
XML code.

XML An XML document begins with some information about XML itself. For
example, it might mention the XML version that it follows. This
declaration opening is called an XML declaration. Here's an example.

XML All the other tags you create within an XML document are called XML
elements elements. XML elements can contain these features:
• Text
• Attributes
XML XML
• Otherelements
can have other descriptors called attributes. You can
elements
define your own attribute
All XML documents names
begin with and write
a primary the
tag, attribute
which values
is called thewithin
root
attributes quotation
element. marks as shown below.

The data in XML files is also called XML content. For example, in the
XML content XML file, you might see data like this.
JavaScript Object Notation
JSON
 JSON is an open standard file format and data interchange
format that uses human-readable text to store and transmit data
objects consisting of attribute–value pairs and arrays (or other
serializable values).
 It is a common data format with diverse uses in electronic data
interchange, including that of web applications with servers.

 JSON is a language-independent data format.

 It was derived from JavaScript, but many modern programming
languages include code to generate and parse JSON-format data.
JSON vs. XML

Features JSON XML

Format JSON uses a maplike XML stores data in a tree
structure with key-value structure with namespaces
pairs. for different data categories.
Syntax The syntax of XML substitutes
The syntax of JSON is more
some characters for entity
compact and easier to read
references, making it more
and write.
verbose.
You can parse JSON with a You need to parse XML with
Parsing
standard JavaScript function. an XML parser.
Schema
JSON is simple and more XML is complex and less
documentatio
flexible. flexible.
n
JSON vs. XML

Features JSON XML

XML supports all JSON data
JSON supports numbers,
types and additional types
Data types objects, strings, and
like Boolean, dates, images,
Boolean arrays.
and namespaces.
JSON has smaller file XML tag structure is more
Ease of use sizes and faster data complex to write and read
transmission. and results in bulky files.
You should turn off DTD
when working with XML to
Security JSON is safer than XML.
mitigate potential security
risks.
Thank