Tutorial #06

1. If a Web user clicks on a link leading to a password-protected Web page, her browser will immediately request a user-ID and password before proceeding. How does the Web browser know that a particular page (or group of pages) is password-protected?

2. The concatenated user-ID and password string sent as part of an HTTP Basic "Authorization: " header is base64 encoded. Discuss the probable reasons for this, and its likely effectiveness.

3. What is a cookie in the context of HTTP?

4. The following markup appears in the context of a form in an HTML document. How would you expect it to appear on a Web page?

   <INPUT TYPE="TEXT"  NAME="Name" MAXLENGTH="64" SIZE="20">
   

5. The following string of text has been URLencoded. What might the original form have looked like? Artist's impression required!

   name=Phil+Scott&sex=male&occupation=Fairly+Ordinary+Lecturer
   

6. The GET method was originally recommended for submission of form data where the submission of the form is not intended to have side effects. What does this mean? What is the alternative?

7. The following URL is typical of those observed in queries to the Google Internet search engine.

   http://www.google.com/search?hl=en&q=%22phil+scott%22+bendigo

   1. Does this URL suggest that the <FORM METHOD=> used to generate it was specified as GET or POST?
   2. What (apparently) is the name of the program which is executed by the Web server?
   3. Give, in plain text, the query string which was used to generate this URL.
   4. Practical exercise: although this URL has been (slightly) edited, it still generates a valid Google search. Copy it from this Web page, and paste it into an "Open Page" dialog in your Web browser. What does it return?
   5. The previous question illustrates an important point about encoding FORM data into the URL -- it makes it useful for use in an "HREF". Why is this useful?

8. What does the CGI standard address?

9. When an HTML <FORM> is specified to use METHOD=POST, explain how the browser sends the form information (or QUERY_STRING) to the Web server.

10. (Advanced) An aspect of HTTP/1.0 (and 1.1) not mentioned in the lecture relates to the concept of virtual hosting. In this system, a Web server can behave as though it is another server: eg, the HTTP software (apache)on ironbark.bendigo.latrobe.edu.au could be configured to additionally respond to requests for (eg) greybox.bendigo.latrobe.edu.au Web pages. Using these techniques, typical commercial hosting sites can have hundreds and even thousands of "domains" hosted on a single machine. What aspect of the HTTP request format particularly supports virtual hosting? What other configuration tricks are likely to be required?