Closer Inspection of a Web Application
Web Application: A web application is designed to run on a web server and send its output over the Internet. Let’s examine how such applications run in their environment.
You can visualize a web application as consisting of not only a client and server but also layers. These layers are as follows:
Presentation Layer: Responsible for the display and presentation of information to the user on the client side.
Logic Layer: Used to transform, query, edit, and otherwise manipulate information to and from the forms in which it needs to be stored or presented.
Data Layer: Responsible for holding the data and information for the application as a whole.
All of these layers depend on the technology brought to the table in the form of the World Wide Web, HTML, and HTTP.
HTTP is the main protocol used to facilitate communication between clients and servers, and it operates over port 80, but other protocols are sometimes used.
NOTE: HTTPS (HTTP employing an encryption mechanism) can be used to protect data in transit. This approach is common in applications such as webmail and e-commerce.
Web applications make heavy use of an underlying web server technology such as Microsoft’s Internet Information Services (IIS), Apache Server, and Oracle’s iPlanet Web Server.
Resources such as web pages are requested via the stateless HTTP. The client provides a uniform resource identifier (URI), which tells the server what information is being requested and what to return.
NOTE: Stateless refers to the fact that the protocol does not keep track of session information from one connection to the next. Each communication in HTTP is treated as a separate connection.
Another common component of web applications is the feature known as cookies. A cookie is a file stored on a client system that is used as a token by the application to store information of some type (depending on the application).
As far as applications are concerned, cookies are a common element, but from a security standpoint, they are viewed as a liability since they can be easily copied.
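The sketch below is an added example, not code from the original page. It shows how a cookie token links otherwise independent, stateless HTTP requests to server-side state, and how a server can limit the exposure of a copyable token. It goes slightly beyond the text by setting the standard Secure, HttpOnly and SameSite cookie attributes; the cookie name "sid", the in-memory SESSIONS store and the function names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

# Hypothetical in-memory store: server-side state keyed by the cookie's token.
SESSIONS = {}


def start_session(username):
    """Create server-side state and return the Set-Cookie header value."""
    token = secrets.token_urlsafe(32)   # unguessable, but still copyable
    SESSIONS[token] = {"user": username}
    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["secure"] = True      # only sent over HTTPS
    cookie["sid"]["httponly"] = True    # not readable by page scripts
    cookie["sid"]["samesite"] = "Lax"   # withheld on most cross-site requests
    return cookie["sid"].OutputString()


def session_for_request(cookie_header):
    """HTTP keeps no state, so the Cookie header is the only link to a session.

    The server cannot tell an original token from a copied one: whoever
    presents the value is treated as the session owner.
    """
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get("sid")
    return SESSIONS.get(morsel.value) if morsel else None


def end_session(cookie_header):
    """Invalidate the token server-side so any copy of it stops working."""
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get("sid")
    return SESSIONS.pop(morsel.value, None) is not None if morsel else False


if __name__ == "__main__":
    header = start_session("alice")     # constructed sample user
    print("Set-Cookie:", header)
    request_cookie = header.split(";")[0]
    print(session_for_request(request_cookie))
    end_session(request_cookie)
    print(session_for_request(request_cookie))
```

Because a copied token is indistinguishable from the original, the server-side invalidation in end_session is what actually revokes access; the cookie attributes only reduce the ways the token can leak.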