https://homeostasis.scs.carleton.ca/wiki/index.php?action=history&feed=atom&title=WebFund_2024F_Lecture_6 2026-04-22T17:46:25Z Revision history for this page on the wiki MediaWiki 1.42.1 https://homeostasis.scs.carleton.ca/wiki/index.php?title=WebFund_2024F_Lecture_6&diff=24736&oldid=prev 2024-09-26T18:07:11Z

<p></p> <table style="background-color: #fff; color: #202122;" data-mw="interface"> <col class="diff-marker" /> <col class="diff-content" /> <col class="diff-marker" /> <col class="diff-content" /> <tr class="diff-title" lang="en"> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 18:07, 26 September 2024</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1">Line 1:</td> <td colspan="2" class="diff-lineno">Line 1:</td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Video==</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Video==</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> <tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Video from the lecture for September 26, 2024 is now available: <del style="font-weight: bold; text-decoration: none;">(NOT YET)</del></div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Video from the lecture for September 26, 2024 is now available:</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.m4v video]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.m4v video]</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.cc.vtt auto-generated captions]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.cc.vtt auto-generated captions]</div></td></tr> </table>

Soma https://homeostasis.scs.carleton.ca/wiki/index.php?title=WebFund_2024F_Lecture_6&diff=24735&oldid=prev 2024-09-26T17:32:56Z

<p>Created page with &quot;==Video== Video from the lecture for September 26, 2024 is now available: (NOT YET) * [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.m4v video] * [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.cc.vtt auto-generated captions] ==Notes== &lt;pre&gt; Lecture 6 --------- * Assignment 1 is based on simpleserver2.js, which is a simplified version of formdemo.js * Assignment 1 will b...&quot;</p> <p><b>New page</b></p><div>==Video==<br /> <br /> Video from the lecture for September 26, 2024 is now available: (NOT YET)<br /> * [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.m4v video]<br /> * [https://homeostasis.scs.carleton.ca/~soma/webfund-2024f/lectures/comp2406-2024f-lec06-20240926.cc.vtt auto-generated captions]<br /> <br /> ==Notes==<br /> <br /> &lt;pre&gt;<br /> Lecture 6<br /> ---------<br /> <br /> * Assignment 1 is based on simpleserver2.js, which is a simplified version of formdemo.js<br /> <br /> * Assignment 1 will be due on Oct. 4th at earliest. Code is online, questions should be up in the next day.<br /> <br /> * The assignment will be a mix of explaining and writing code based on simpleserver2.js, as well as explaining how you came up with your answers.<br /> <br /> * your assignment answers will be a text file following a supplied template<br /> - a script will split up your submissions by questions so TAs can grade specific questions rather than entire assignments<br /> <br /> <br /> When a browser makes an HTTP request, it generally uses one of two types of requests:<br /> - GET to get content<br /> - POST to submit information to the server<br /> <br /> Now, it is often possible to do POST-like things with GET, but you shouldn&#039;t<br /> - GET is assumed to be safe to call multiple times (it is idempotent)<br /> - POST is assumed to NOT be safe, so repeated form submissions won&#039;t happen without alerting the user<br /> <br /> In an HTML form<br /> - &lt;form&gt; encloses the form<br /> - &lt;input&gt; labels each input widget<br /> - &lt;label&gt; is the label for the input widget<br /> - name= sets the key used to identify values sent to the server<br /> - type= sets the type of input widget used to get user data<br /> - some widgets do input validation/constraints<br /> - SERVER can never trust that the client did its job,<br /> must validate data on its own<br /> - so you should validate on the client (for a better user experience)<br /> and on the server (for security/integrity/proper functionality, etc)<br /> - to submit the form, there is normally a button of type &quot;submit&quot;<br /> - submits all data in the form<br /> <br /> When we say input validation, we can mean a lot of things<br /> - for a date, make sure it is a valid date (e.g., month is between 1 and 12)<br /> - but can also include other constraints, such as a credit card expiration date should be in the future, not the past<br /> - sometimes types can be used for validation, but type-based validation is almost always partial, there are other constraints<br /> <br /> input validation is HARD, give it respect<br /> - most application bugs and security issues arise from insufficient input validation<br /> <br /> If you take user input on one page and show it to other users without proper input validation/escaping, your app becomes vulnerable to cross-site scripting attacks<br /> - name isn&#039;t quite accurate<br /> - just means attacker injects code into web app that isn&#039;t run on the server,<br /> but is instead run on the client (but a victim user&#039;s browser, not the attacker&#039;s browser)<br /> &lt;/pre&gt;</div>

Soma