SlideShare a Scribd company logo
HTTP is your architecture
                       International PHP Conference Spring Edition


                                Kore Nordmann (@koredn)
                                Tobias Schlitt (@tobySen)



                                     May 31, 2011




HTTP is your architecture                                            1 / 34
About us



            Degree in computer sience
            More than 10 years of       Qafoo
                                        passion for software quality
            professional PHP
            Open source enthusiasts
            Contributing to various
            FLOSS projects




HTTP is your architecture                                              2 / 34
About us



            Degree in computer sience
            More than 10 years of       Qafoo
                                        passion for software quality
            professional PHP
            Open source enthusiasts
            Contributing to various
            FLOSS projects




HTTP is your architecture                                              2 / 34
About us



            Degree in computer sience
            More than 10 years of       Qafoo
                                        passion for software quality
            professional PHP
            Open source enthusiasts
            Contributing to various
            FLOSS projects




HTTP is your architecture                                              2 / 34
About us


                                        Co-founders of
            Degree in computer sience
            More than 10 years of       Qafoo
                                        passion for software quality
            professional PHP
            Open source enthusiasts
            Contributing to various
            FLOSS projects




HTTP is your architecture                                              2 / 34
About us


                                             Co-founders of
            Degree in computer sience
            More than 10 years of             Qafoo
                                              passion for software quality
            professional PHP
            Open source enthusiasts     We help people to create
            Contributing to various        high quality PHP
            FLOSS projects                    applications.




HTTP is your architecture                                                    2 / 34
About us


                                             Co-founders of
            Degree in computer sience
            More than 10 years of             Qafoo
                                              passion for software quality
            professional PHP
            Open source enthusiasts     We help people to create
            Contributing to various        high quality PHP
            FLOSS projects                    applications.

                                           http://qafoo.com



HTTP is your architecture                                                    2 / 34
Outline


     Introduction

     HTTP

     Taking it further

     Conclusion




HTTP is your architecture   3 / 34
Aspects of a web application



             Scalability
             Reliability
             Simplicity
             Usability
             Security
             Standard Compliance




HTTP is your architecture          4 / 34
Architecture




                                     LCoDC$SS
             Who heard of this term before?
                     This is HTTP. [Fie00]




HTTP is your architecture                       5 / 34
Architecture




                                     LCoDC$SS
             Who heard of this term before?
                     This is HTTP. [Fie00]




HTTP is your architecture                       5 / 34
Architecture




                                     LCoDC$SS
             Who heard of this term before?
                     This is HTTP. [Fie00]




HTTP is your architecture                       5 / 34
Architecture




                            LCoDC$SS




HTTP is your architecture              6 / 34
Architecture




                            Layered CoDC$SS




HTTP is your architecture                     6 / 34
Architecture




                     Layered Code on Demand C$SS




HTTP is your architecture                          6 / 34
Architecture




        Layered Code on Demand Client $S Server




HTTP is your architecture                         6 / 34
Architecture




         Layered Code on Demand Client Cached S
                         Server




HTTP is your architecture                         6 / 34
Architecture




           Layered Code on Demand Client Cached
                      Stateless Server




HTTP is your architecture                         6 / 34
Outline


     Introduction

     HTTP

     Taking it further

     Conclusion




HTTP is your architecture   7 / 34
Outline



     HTTP
       Layered architecture
       Request semantics
       Stateless server
       Code on demand




HTTP is your architecture     8 / 34
Layered architecture

            What is required?
                                                Client
                    Request semantic
                    Stateless server

                                       HTTP




                                              Application




                                              Database




HTTP is your architecture                                   9 / 34
Layered architecture

            What is required?
                                                Client
                    Request semantic
                    Stateless server

                                       HTTP




                                              Application




                                              Database




HTTP is your architecture                                   9 / 34
Layered architecture

            What is required?
                                                Client
                    Request semantic
                    Stateless server   HTTP

                                                 Proxy


                                       HTTP




                                              Application




                                              Database




HTTP is your architecture                                   9 / 34
Layered architecture

            What is required?
                                                       Client
                    Request semantic
                    Stateless server          HTTP

                                                        Load
                                                      Balancer


                                       HTTP




                                                     Application




                                                     Database




HTTP is your architecture                                          9 / 34
Outline



     HTTP
       Layered architecture
       Request semantics
       Stateless server
       Code on demand




HTTP is your architecture     10 / 34
HTTP methods


                            Mostly unknown
                                HEAD
          Well known            OPTIONS
                  GET           TRACE
                  POST          CONNECT
          Less known        WebDAV
                  PUT           MKCOL
                  DELETE        PROPSET
                                PROPGET
                            Use any you want. . .




HTTP is your architecture                           11 / 34
HTTP methods


                            Mostly unknown
                                HEAD
          Well known            OPTIONS
                  GET           TRACE
                  POST          CONNECT
          Less known        WebDAV
                  PUT           MKCOL
                  DELETE        PROPSET
                                PROPGET
                            Use any you want. . .




HTTP is your architecture                           11 / 34
HTTP methods


                            Mostly unknown
                                HEAD
          Well known            OPTIONS
                  GET           TRACE
                  POST          CONNECT
          Less known        WebDAV
                  PUT           MKCOL
                  DELETE        PROPSET
                                PROPGET
                            Use any you want. . .




HTTP is your architecture                           11 / 34
HTTP methods


                            Mostly unknown
                                HEAD
          Well known            OPTIONS
                  GET           TRACE
                  POST          CONNECT
          Less known        WebDAV
                  PUT           MKCOL
                  DELETE        PROPSET
                                PROPGET
                            Use any you want. . .




HTTP is your architecture                           11 / 34
HTTP methods


                            Mostly unknown
                                HEAD
          Well known            OPTIONS
                  GET           TRACE
                  POST          CONNECT
          Less known        WebDAV
                  PUT           MKCOL
                  DELETE        PROPSET
                                PROPGET
                            Use any you want. . .




HTTP is your architecture                           11 / 34
“Safe” HTTP methods


     [..] GET and HEAD methods SHOULD NOT have the significance
              of taking an action other than retrieval. [RF99]

             . . . so it is safe for spiders to call them.
             Since nothing is modified, the result can be cached.
                     Proxies can use that automatically
                            Varnish / Squid
                            Company application proxies
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            12 / 34
“Safe” HTTP methods


     [..] GET and HEAD methods SHOULD NOT have the significance
              of taking an action other than retrieval. [RF99]

             . . . so it is safe for spiders to call them.
             Since nothing is modified, the result can be cached.
                     Proxies can use that automatically
                            Varnish / Squid
                            Company application proxies
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            12 / 34
“Safe” HTTP methods


     [..] GET and HEAD methods SHOULD NOT have the significance
              of taking an action other than retrieval. [RF99]

             . . . so it is safe for spiders to call them.
             Since nothing is modified, the result can be cached.
                     Proxies can use that automatically
                            Varnish / Squid
                            Company application proxies
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            12 / 34
“Safe” HTTP methods


     [..] GET and HEAD methods SHOULD NOT have the significance
              of taking an action other than retrieval. [RF99]

             . . . so it is safe for spiders to call them.
             Since nothing is modified, the result can be cached.
                     Proxies can use that automatically
                            Varnish / Squid
                            Company application proxies
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            12 / 34
Is your search form broken?



 1   <form a c t i o n=” / s e a r c h ” method=”POST”>
 2     <i n p u t t y p e=” t e x t ” name=” term ” />
 3     <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” />
 4   </ form>


              Broken semantics
                        Search results may not be cached
              No bookmarking of search results




HTTP is your architecture                                                  13 / 34
Is your search form broken?



 1   <form a c t i o n=” / s e a r c h ” method=”POST”>
 2     <i n p u t t y p e=” t e x t ” name=” term ” />
 3     <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” />
 4   </ form>


              Broken semantics
                        Search results may not be cached
              No bookmarking of search results




HTTP is your architecture                                                  13 / 34
Is your search form broken?



 1   <form a c t i o n=” / s e a r c h ” method=”POST”>
 2     <i n p u t t y p e=” t e x t ” name=” term ” />
 3     <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” />
 4   </ form>


              Broken semantics
                        Search results may not be cached
              No bookmarking of search results




HTTP is your architecture                                                  13 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
POST vs. PUT
             POST
                     . . . is used to request that the origin server accept the entity
                     enclosed in the request as a new subordinate . . . [RF99]
                     Appends to an existing resource!
                            e.g. an existing collection of documents
                     Examples
                            Posting a message to a bulletin board
                            Extending a database through an append operation
             PUT
                     . . . requests that the enclosed entity be stored under the
                     supplied Request-URI. [RF99]
                     Creates or replaces a resource!
                     Examples
                            Updating account data using (PUT /users/42)
                            Create a new resource with known identifier


HTTP is your architecture                                                                14 / 34
HTML 5 is broken!




      Using PUT and DELETE as HTTP methods for the form element
                     is no longer supported. [vK10]




HTTP is your architecture                                     15 / 34
Idempotent methods


                                      f (x) = f (f (x))


             Everything but POST has to be idempotent
                     Executing the request again, should not change anything.
                     This includes PUT and DELETE
             Really useful to just resend request, if one failed due to
             network problems
             Idempotence is a useful property in all messaging systems




HTTP is your architecture                                                       16 / 34
Idempotent methods


                                      f (x) = f (f (x))


             Everything but POST has to be idempotent
                     Executing the request again, should not change anything.
                     This includes PUT and DELETE
             Really useful to just resend request, if one failed due to
             network problems
             Idempotence is a useful property in all messaging systems




HTTP is your architecture                                                       16 / 34
Idempotent methods


                                      f (x) = f (f (x))


             Everything but POST has to be idempotent
                     Executing the request again, should not change anything.
                     This includes PUT and DELETE
             Really useful to just resend request, if one failed due to
             network problems
             Idempotence is a useful property in all messaging systems




HTTP is your architecture                                                       16 / 34
Idempotent methods


                                      f (x) = f (f (x))


             Everything but POST has to be idempotent
                     Executing the request again, should not change anything.
                     This includes PUT and DELETE
             Really useful to just resend request, if one failed due to
             network problems
             Idempotence is a useful property in all messaging systems




HTTP is your architecture                                                       16 / 34
Idempotent methods


                                      f (x) = f (f (x))


             Everything but POST has to be idempotent
                     Executing the request again, should not change anything.
                     This includes PUT and DELETE
             Really useful to just resend request, if one failed due to
             network problems
             Idempotence is a useful property in all messaging systems




HTTP is your architecture                                                       16 / 34
HTTP method fail in PHP



             $ GET contains the request parameters
             $ POST contains the request body
             All HTTP requests may contain body and parameters
                     Yes, even GET!
             You may want to use something like
                     $request->parameters
                     $request->body




HTTP is your architecture                                        17 / 34
HTTP method fail in PHP



             $ GET contains the request parameters
             $ POST contains the request body
             All HTTP requests may contain body and parameters
                     Yes, even GET!
             You may want to use something like
                     $request->parameters
                     $request->body




HTTP is your architecture                                        17 / 34
HTTP method fail in PHP



             $ GET contains the request parameters
             $ POST contains the request body
             All HTTP requests may contain body and parameters
                     Yes, even GET!
             You may want to use something like
                     $request->parameters
                     $request->body




HTTP is your architecture                                        17 / 34
HTTP method fail in PHP



             $ GET contains the request parameters
             $ POST contains the request body
             All HTTP requests may contain body and parameters
                     Yes, even GET!
             You may want to use something like
                     $request->parameters
                     $request->body




HTTP is your architecture                                        17 / 34
Do you speak HTTP?



             GET and HEAD must be supported
             All other methods are optional
             But if you implement them, they must obey to semantics
             Sorry, your website is not HTTP, if you . . .
                     . . . are using POST for a search form.
                     . . . are using POST for data updates.




HTTP is your architecture                                             18 / 34
Do you speak HTTP?



             GET and HEAD must be supported
             All other methods are optional
             But if you implement them, they must obey to semantics
             Sorry, your website is not HTTP, if you . . .
                     . . . are using POST for a search form.
                     . . . are using POST for data updates.




HTTP is your architecture                                             18 / 34
Do you speak HTTP?



             GET and HEAD must be supported
             All other methods are optional
             But if you implement them, they must obey to semantics
             Sorry, your website is not HTTP, if you . . .
                     . . . are using POST for a search form.
                     . . . are using POST for data updates.




HTTP is your architecture                                             18 / 34
Do you speak HTTP?



             GET and HEAD must be supported
             All other methods are optional
             But if you implement them, they must obey to semantics
             Sorry, your website is not HTTP, if you . . .
                     . . . are using POST for a search form.
                     . . . are using POST for data updates.




HTTP is your architecture                                             18 / 34
Outline



     HTTP
       Layered architecture
       Request semantics
       Stateless server
       Code on demand




HTTP is your architecture     19 / 34
Stateless server



             No persistent connection
             Each request contains all information to be processed
                     Cookies
             Servers can be exchanged transparently
                     Mind the sessions and static data
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            20 / 34
Stateless server



             No persistent connection
             Each request contains all information to be processed
                     Cookies
             Servers can be exchanged transparently
                     Mind the sessions and static data
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            20 / 34
Stateless server



             No persistent connection
             Each request contains all information to be processed
                     Cookies
             Servers can be exchanged transparently
                     Mind the sessions and static data
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            20 / 34
Stateless server



             No persistent connection
             Each request contains all information to be processed
                     Cookies
             Servers can be exchanged transparently
                     Mind the sessions and static data
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            20 / 34
Stateless server



             No persistent connection
             Each request contains all information to be processed
                     Cookies
             Servers can be exchanged transparently
                     Mind the sessions and static data
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                            20 / 34
Drawbacks / Benefits



             Drawbacks
                     Users do have state
             Benefits
                     Scalability
                     Failover
                     Simplicity




HTTP is your architecture                  21 / 34
Drawbacks / Benefits



             Drawbacks
                     Users do have state
             Benefits
                     Scalability
                     Failover
                     Simplicity




HTTP is your architecture                  21 / 34
Drawbacks / Benefits



             Drawbacks
                     Users do have state
             Benefits
                     Scalability
                     Failover
                     Simplicity




HTTP is your architecture                  21 / 34
Drawbacks / Benefits



             Drawbacks
                     Users do have state
             Benefits
                     Scalability
                     Failover
                     Simplicity




HTTP is your architecture                  21 / 34
Drawbacks / Benefits



             Drawbacks
                     Users do have state
             Benefits
                     Scalability
                     Failover
                     Simplicity




HTTP is your architecture                  21 / 34
Share nothing!


             PHP itself follows a share nothing architecture
                     Clean PHP instance for each request
                     By default no shared resources
             It’s your job to obey to it!
                     Session storage?
                     Database server?
                     File access?
             App servers usually suck!




HTTP is your architecture                                      22 / 34
Share nothing!


             PHP itself follows a share nothing architecture
                     Clean PHP instance for each request
                     By default no shared resources
             It’s your job to obey to it!
                     Session storage?
                     Database server?
                     File access?
             App servers usually suck!




HTTP is your architecture                                      22 / 34
Share nothing!


             PHP itself follows a share nothing architecture
                     Clean PHP instance for each request
                     By default no shared resources
             It’s your job to obey to it!
                     Session storage?
                     Database server?
                     File access?
             App servers usually suck!




HTTP is your architecture                                      22 / 34
Share nothing!


             PHP itself follows a share nothing architecture
                     Clean PHP instance for each request
                     By default no shared resources
             It’s your job to obey to it!
                     Session storage?
                     Database server?
                     File access?
             App servers usually suck!




HTTP is your architecture                                      22 / 34
Share nothing!


             PHP itself follows a share nothing architecture
                     Clean PHP instance for each request
                     By default no shared resources
             It’s your job to obey to it!
                     Session storage?
                     Database server?
                     File access?
             App servers usually suck!




HTTP is your architecture                                      22 / 34
Outline



     HTTP
       Layered architecture
       Request semantics
       Stateless server
       Code on demand




HTTP is your architecture     23 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Do you?


       In the code-on-demand style, a client component . . . receives that
                     code, and executes it locally. [Fie00]

             Do you deliver code on demand?
             You do!
                     JavaScript
                     HTML is also just code
                     although not turing complete
             Layered Code on Demand Client Cached Stateless Server




HTTP is your architecture                                                24 / 34
Security




         Code generation is the root cause for webb application security
                                   problems.

             Escape for target context / language (XSS)




HTTP is your architecture                                                  25 / 34
Security




         Code generation is the root cause for webb application security
                                   problems.

             Escape for target context / language (XSS)




HTTP is your architecture                                                  25 / 34
Outline


     Introduction

     HTTP

     Taking it further

     Conclusion




HTTP is your architecture   26 / 34
Embrace HTTP


                                                  HTTP                       HTTP
                                  Client                      Cache                     Load
                                                                                      Balancer



                                                                               HTTP




                                                                                                 Application
                                           HTTP                       HTTP
                              Load                    Cache
                            Balancer


                 HTTP




                                                  Storage



HTTP is your architecture                                                                                      27 / 34
Embrace HTTP


                                                  HTTP                       HTTP
                                  Client                      Cache                      Load
                                                                                       Balancer



                                                                               HTTP




                                                                                                     Application
                                           HTTP                       HTTP
                              Load                    Cache
                            Balancer

                                                                                                            !
                                                                                                         re
                                                                                                 n, lu
                 HTTP
                                                                                               io a i
                                                                                             nt of F
                                                                                          te
                                                                                      At oint
                                                  Storage                                 P
                                                                                       le
                                                                                    ng
                                                                               Si
HTTP is your architecture                                                                                          27 / 34
Use HTTP actively



             Semantic HTTP methods
             URIs (address resources)
             Status codes
             Headers
                     Cache control
                     Content negotiation
                     ...




HTTP is your architecture                  28 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
What about REST?



             What is REST actually?
                     “New” style web services
                     Follow HTTP / LCoDC$SS
                     Follow resources / concept character of URIs
                     Use proper status codes
                     HATEOAS
                            Hypermedia as the Engine of Application State [Fie00]
                            Short: Use hyper links to delegate client




HTTP is your architecture                                                           29 / 34
Outline


     Introduction

     HTTP

     Taking it further

     Conclusion




HTTP is your architecture   30 / 34
Conclusion




                            Use HTTP!




HTTP is your architecture               31 / 34
Conclusion




                            Use HTTP, properly!




HTTP is your architecture                         31 / 34
Q/A




                       Questions? Comments? Feedback?




HTTP is your architecture                               32 / 34
Thanks for listening

                                      Please rate this talk at
                                 http://joind.in/3502
                            and (optionally) give us some feedback right now




HTTP is your architecture                                                      33 / 34
Thanks for listening

                                      Please rate this talk at
                                 http://joind.in/3502
                            and (optionally) give us some feedback right now

                                 This is very important for . . .

             Speakers
             Organizers
             You!




HTTP is your architecture                                                      33 / 34
Thanks for listening

                                      Please rate this talk at
                                 http://joind.in/3502
                            and (optionally) give us some feedback right now

                                          Stay in touch

             Kore Nordmann                                   Tobias Schlitt
             kore@qafoo.com                                  toby@qafoo.com
             @koredn / @qafoo                                @tobySen / @qafoo

                                  Rent a PHP quality expert:
                                      http://qafoo.com


HTTP is your architecture                                                        33 / 34
Bibliography I



     [Fie00] R. Fielding, Architectural styles and the design of network-based
             software architectures, Ph.D. thesis, University of California, Irvine,
             USA, 2000.
     [RF99] et al. R. Fielding, Hypertext transfer protocol – http/1.1,
            http://tools.ietf.org/html/rfc2616, June 1999.
     [vK10] Anne van Kesteren, Html5 differences from html4,
            http://www.w3.org/TR/2010/WD-html5-diff-20101019/, October
            2010.




HTTP is your architecture                                                              34 / 34

More Related Content

What's hot

V.S.VamsiKrishna
V.S.VamsiKrishnaV.S.VamsiKrishna
V.S.VamsiKrishna
vamsisvk
 
RepreZen DSL: Pushing the limits of language usability with XText
RepreZen DSL: Pushing the limits of language usability with XTextRepreZen DSL: Pushing the limits of language usability with XText
RepreZen DSL: Pushing the limits of language usability with XText
Tatiana Tanya Fesenko
 
The TCP/IP and OSI models
The TCP/IP and OSI modelsThe TCP/IP and OSI models
The TCP/IP and OSI models
Jake Weaver
 

What's hot (10)

CouchDB, PHPillow & PHP
CouchDB, PHPillow & PHPCouchDB, PHPillow & PHP
CouchDB, PHPillow & PHP
 
3rd edition chapter2
3rd edition chapter23rd edition chapter2
3rd edition chapter2
 
V.S.VamsiKrishna
V.S.VamsiKrishnaV.S.VamsiKrishna
V.S.VamsiKrishna
 
Kalyani_Resume_latest
Kalyani_Resume_latestKalyani_Resume_latest
Kalyani_Resume_latest
 
Coherent SDN Forwarding Plane Programming
Coherent SDN Forwarding Plane ProgrammingCoherent SDN Forwarding Plane Programming
Coherent SDN Forwarding Plane Programming
 
RepreZen DSL: Pushing the limits of language usability with XText
RepreZen DSL: Pushing the limits of language usability with XTextRepreZen DSL: Pushing the limits of language usability with XText
RepreZen DSL: Pushing the limits of language usability with XText
 
RAPID - Building a highly usable API Design language with XText
RAPID - Building a highly usable API Design language with XTextRAPID - Building a highly usable API Design language with XText
RAPID - Building a highly usable API Design language with XText
 
The TCP/IP and OSI models
The TCP/IP and OSI modelsThe TCP/IP and OSI models
The TCP/IP and OSI models
 
Analysis
AnalysisAnalysis
Analysis
 
Insights from the Experts: How PHP Leaders Are Transforming High-Impact PHP A...
Insights from the Experts: How PHP Leaders Are Transforming High-Impact PHP A...Insights from the Experts: How PHP Leaders Are Transforming High-Impact PHP A...
Insights from the Experts: How PHP Leaders Are Transforming High-Impact PHP A...
 

Similar to international PHP2011_Kore Nordmann_Tobias Schlitt_Modular Application Architecture

Connecting Web Application and Desktop, confoo 2011, qafoo
Connecting Web Application and Desktop, confoo 2011, qafooConnecting Web Application and Desktop, confoo 2011, qafoo
Connecting Web Application and Desktop, confoo 2011, qafoo
Bachkoutou Toutou
 
Connecting web Applications with Desktop, confoo 2011
Connecting web Applications with Desktop, confoo 2011Connecting web Applications with Desktop, confoo 2011
Connecting web Applications with Desktop, confoo 2011
Bachkoutou Toutou
 
Itp web application development
Itp web application developmentItp web application development
Itp web application development
Shibu S R
 

Similar to international PHP2011_Kore Nordmann_Tobias Schlitt_Modular Application Architecture (20)

Rapid Web Development with Python for Absolute Beginners
Rapid Web Development with Python for Absolute BeginnersRapid Web Development with Python for Absolute Beginners
Rapid Web Development with Python for Absolute Beginners
 
PhP Training Institute In Delhi
PhP Training Institute In DelhiPhP Training Institute In Delhi
PhP Training Institute In Delhi
 
Server Side Programming
Server Side ProgrammingServer Side Programming
Server Side Programming
 
Api 101
Api 101Api 101
Api 101
 
PPT - A slice of cake php
PPT - A slice of cake phpPPT - A slice of cake php
PPT - A slice of cake php
 
Manage your Public API Like a Protocol
Manage your Public API Like a ProtocolManage your Public API Like a Protocol
Manage your Public API Like a Protocol
 
From Web APIs to Cross-Device Web Sites
From Web APIs to Cross-Device Web SitesFrom Web APIs to Cross-Device Web Sites
From Web APIs to Cross-Device Web Sites
 
APIdays San Francisco, 06/22/2013
APIdays San Francisco, 06/22/2013APIdays San Francisco, 06/22/2013
APIdays San Francisco, 06/22/2013
 
Multi-Lingual Accumulo Communications
Multi-Lingual Accumulo CommunicationsMulti-Lingual Accumulo Communications
Multi-Lingual Accumulo Communications
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
 
Asynchronous Frameworks.pptx
Asynchronous Frameworks.pptxAsynchronous Frameworks.pptx
Asynchronous Frameworks.pptx
 
Connecting Web Application and Desktop, confoo 2011, qafoo
Connecting Web Application and Desktop, confoo 2011, qafooConnecting Web Application and Desktop, confoo 2011, qafoo
Connecting Web Application and Desktop, confoo 2011, qafoo
 
Connecting web Applications with Desktop, confoo 2011
Connecting web Applications with Desktop, confoo 2011Connecting web Applications with Desktop, confoo 2011
Connecting web Applications with Desktop, confoo 2011
 
Apache Deep Learning 101 - DWS Berlin 2018
Apache Deep Learning 101 - DWS Berlin 2018Apache Deep Learning 101 - DWS Berlin 2018
Apache Deep Learning 101 - DWS Berlin 2018
 
Overview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIOverview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB API
 
Itp web application development
Itp web application developmentItp web application development
Itp web application development
 
200211 Fielding Apachecon
200211 Fielding Apachecon200211 Fielding Apachecon
200211 Fielding Apachecon
 
Integrating PHP With System-i using Web Services
Integrating PHP With System-i using Web ServicesIntegrating PHP With System-i using Web Services
Integrating PHP With System-i using Web Services
 
PHP Frameworks
PHP FrameworksPHP Frameworks
PHP Frameworks
 
Proxy Server
Proxy ServerProxy Server
Proxy Server
 

More from smueller_sandsmedia

webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnenwebinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
smueller_sandsmedia
 
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
smueller_sandsmedia
 
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekteninternational PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
smueller_sandsmedia
 
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
smueller_sandsmedia
 
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnitinternational PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
smueller_sandsmedia
 
international PHP2011_Jordi Boggiano_PHP Reset
international PHP2011_Jordi Boggiano_PHP Resetinternational PHP2011_Jordi Boggiano_PHP Reset
international PHP2011_Jordi Boggiano_PHP Reset
smueller_sandsmedia
 
international PHP2011_Bastian Hofmann_Mashing up java script
international PHP2011_Bastian Hofmann_Mashing up java scriptinternational PHP2011_Bastian Hofmann_Mashing up java script
international PHP2011_Bastian Hofmann_Mashing up java script
smueller_sandsmedia
 
international PHP2011_Bastian Feder_jQuery's Secrets
international PHP2011_Bastian Feder_jQuery's Secretsinternational PHP2011_Bastian Feder_jQuery's Secrets
international PHP2011_Bastian Feder_jQuery's Secrets
smueller_sandsmedia
 
international PHP2011_ilia alshanetsky_Hidden Features of PHP
international PHP2011_ilia alshanetsky_Hidden Features of PHPinternational PHP2011_ilia alshanetsky_Hidden Features of PHP
international PHP2011_ilia alshanetsky_Hidden Features of PHP
smueller_sandsmedia
 
webinale2011_Chris Mills_Brave new world of HTML5Html5
webinale2011_Chris Mills_Brave new world of HTML5Html5webinale2011_Chris Mills_Brave new world of HTML5Html5
webinale2011_Chris Mills_Brave new world of HTML5Html5
smueller_sandsmedia
 
international PHP2011_J.Hartmann_DevOps für PHP
international PHP2011_J.Hartmann_DevOps für PHPinternational PHP2011_J.Hartmann_DevOps für PHP
international PHP2011_J.Hartmann_DevOps für PHP
smueller_sandsmedia
 
international PHP2011_Kore Nordmann_Designing multilingual applications
international PHP2011_Kore Nordmann_Designing multilingual applications international PHP2011_Kore Nordmann_Designing multilingual applications
international PHP2011_Kore Nordmann_Designing multilingual applications
smueller_sandsmedia
 
webinale2011_Daniel Höpfner_Förderprogramme für dummies
webinale2011_Daniel Höpfner_Förderprogramme für dummieswebinale2011_Daniel Höpfner_Förderprogramme für dummies
webinale2011_Daniel Höpfner_Förderprogramme für dummies
smueller_sandsmedia
 

More from smueller_sandsmedia (13)

webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnenwebinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
webinale2011_Kai Radusch_Landingpage-Optimierung für Adwords-Kampagnen
 
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
webinale 2011_Gabriel Yoran_Der Schlüssel zum erfolg: Besser aussehen, als ma...
 
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekteninternational PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
international PHP2011_Henning Wolf_ Mit Retrospektivenzu erfolgreichen Projekten
 
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
webinale2011_Dirk Jesse:Responsive Web Design oder "Unwissenheit ist ein Segen"
 
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnitinternational PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
international PHP2011_Bastian Feder_The most unknown Parts of PHPUnit
 
international PHP2011_Jordi Boggiano_PHP Reset
international PHP2011_Jordi Boggiano_PHP Resetinternational PHP2011_Jordi Boggiano_PHP Reset
international PHP2011_Jordi Boggiano_PHP Reset
 
international PHP2011_Bastian Hofmann_Mashing up java script
international PHP2011_Bastian Hofmann_Mashing up java scriptinternational PHP2011_Bastian Hofmann_Mashing up java script
international PHP2011_Bastian Hofmann_Mashing up java script
 
international PHP2011_Bastian Feder_jQuery's Secrets
international PHP2011_Bastian Feder_jQuery's Secretsinternational PHP2011_Bastian Feder_jQuery's Secrets
international PHP2011_Bastian Feder_jQuery's Secrets
 
international PHP2011_ilia alshanetsky_Hidden Features of PHP
international PHP2011_ilia alshanetsky_Hidden Features of PHPinternational PHP2011_ilia alshanetsky_Hidden Features of PHP
international PHP2011_ilia alshanetsky_Hidden Features of PHP
 
webinale2011_Chris Mills_Brave new world of HTML5Html5
webinale2011_Chris Mills_Brave new world of HTML5Html5webinale2011_Chris Mills_Brave new world of HTML5Html5
webinale2011_Chris Mills_Brave new world of HTML5Html5
 
international PHP2011_J.Hartmann_DevOps für PHP
international PHP2011_J.Hartmann_DevOps für PHPinternational PHP2011_J.Hartmann_DevOps für PHP
international PHP2011_J.Hartmann_DevOps für PHP
 
international PHP2011_Kore Nordmann_Designing multilingual applications
international PHP2011_Kore Nordmann_Designing multilingual applications international PHP2011_Kore Nordmann_Designing multilingual applications
international PHP2011_Kore Nordmann_Designing multilingual applications
 
webinale2011_Daniel Höpfner_Förderprogramme für dummies
webinale2011_Daniel Höpfner_Förderprogramme für dummieswebinale2011_Daniel Höpfner_Förderprogramme für dummies
webinale2011_Daniel Höpfner_Förderprogramme für dummies
 

Recently uploaded

Recently uploaded (20)

Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
Intelligent Gimbal FINAL PAPER Engineering.pdf
Intelligent Gimbal FINAL PAPER Engineering.pdfIntelligent Gimbal FINAL PAPER Engineering.pdf
Intelligent Gimbal FINAL PAPER Engineering.pdf
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Transforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UXTransforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UX
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
 

international PHP2011_Kore Nordmann_Tobias Schlitt_Modular Application Architecture

  • 1. HTTP is your architecture International PHP Conference Spring Edition Kore Nordmann (@koredn) Tobias Schlitt (@tobySen) May 31, 2011 HTTP is your architecture 1 / 34
  • 2. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projects HTTP is your architecture 2 / 34
  • 3. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projects HTTP is your architecture 2 / 34
  • 4. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projects HTTP is your architecture 2 / 34
  • 5. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projects HTTP is your architecture 2 / 34
  • 6. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts We help people to create Contributing to various high quality PHP FLOSS projects applications. HTTP is your architecture 2 / 34
  • 7. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts We help people to create Contributing to various high quality PHP FLOSS projects applications. http://qafoo.com HTTP is your architecture 2 / 34
  • 8. Outline Introduction HTTP Taking it further Conclusion HTTP is your architecture 3 / 34
  • 9. Aspects of a web application Scalability Reliability Simplicity Usability Security Standard Compliance HTTP is your architecture 4 / 34
  • 10. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00] HTTP is your architecture 5 / 34
  • 11. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00] HTTP is your architecture 5 / 34
  • 12. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00] HTTP is your architecture 5 / 34
  • 13. Architecture LCoDC$SS HTTP is your architecture 6 / 34
  • 14. Architecture Layered CoDC$SS HTTP is your architecture 6 / 34
  • 15. Architecture Layered Code on Demand C$SS HTTP is your architecture 6 / 34
  • 16. Architecture Layered Code on Demand Client $S Server HTTP is your architecture 6 / 34
  • 17. Architecture Layered Code on Demand Client Cached S Server HTTP is your architecture 6 / 34
  • 18. Architecture Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 6 / 34
  • 19. Outline Introduction HTTP Taking it further Conclusion HTTP is your architecture 7 / 34
  • 20. Outline HTTP Layered architecture Request semantics Stateless server Code on demand HTTP is your architecture 8 / 34
  • 21. Layered architecture What is required? Client Request semantic Stateless server HTTP Application Database HTTP is your architecture 9 / 34
  • 22. Layered architecture What is required? Client Request semantic Stateless server HTTP Application Database HTTP is your architecture 9 / 34
  • 23. Layered architecture What is required? Client Request semantic Stateless server HTTP Proxy HTTP Application Database HTTP is your architecture 9 / 34
  • 24. Layered architecture What is required? Client Request semantic Stateless server HTTP Load Balancer HTTP Application Database HTTP is your architecture 9 / 34
  • 25. Outline HTTP Layered architecture Request semantics Stateless server Code on demand HTTP is your architecture 10 / 34
  • 26. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . . HTTP is your architecture 11 / 34
  • 27. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . . HTTP is your architecture 11 / 34
  • 28. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . . HTTP is your architecture 11 / 34
  • 29. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . . HTTP is your architecture 11 / 34
  • 30. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . . HTTP is your architecture 11 / 34
  • 31. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 12 / 34
  • 32. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 12 / 34
  • 33. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 12 / 34
  • 34. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 12 / 34
  • 35. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search results HTTP is your architecture 13 / 34
  • 36. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search results HTTP is your architecture 13 / 34
  • 37. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search results HTTP is your architecture 13 / 34
  • 38. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 39. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 40. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 41. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 42. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 43. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 44. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 45. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifier HTTP is your architecture 14 / 34
  • 46. HTML 5 is broken! Using PUT and DELETE as HTTP methods for the form element is no longer supported. [vK10] HTTP is your architecture 15 / 34
  • 47. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systems HTTP is your architecture 16 / 34
  • 48. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systems HTTP is your architecture 16 / 34
  • 49. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systems HTTP is your architecture 16 / 34
  • 50. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systems HTTP is your architecture 16 / 34
  • 51. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systems HTTP is your architecture 16 / 34
  • 52. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->body HTTP is your architecture 17 / 34
  • 53. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->body HTTP is your architecture 17 / 34
  • 54. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->body HTTP is your architecture 17 / 34
  • 55. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->body HTTP is your architecture 17 / 34
  • 56. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates. HTTP is your architecture 18 / 34
  • 57. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates. HTTP is your architecture 18 / 34
  • 58. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates. HTTP is your architecture 18 / 34
  • 59. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates. HTTP is your architecture 18 / 34
  • 60. Outline HTTP Layered architecture Request semantics Stateless server Code on demand HTTP is your architecture 19 / 34
  • 61. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 20 / 34
  • 62. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 20 / 34
  • 63. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 20 / 34
  • 64. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 20 / 34
  • 65. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 20 / 34
  • 66. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover Simplicity HTTP is your architecture 21 / 34
  • 67. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover Simplicity HTTP is your architecture 21 / 34
  • 68. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover Simplicity HTTP is your architecture 21 / 34
  • 69. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover Simplicity HTTP is your architecture 21 / 34
  • 70. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover Simplicity HTTP is your architecture 21 / 34
  • 71. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck! HTTP is your architecture 22 / 34
  • 72. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck! HTTP is your architecture 22 / 34
  • 73. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck! HTTP is your architecture 22 / 34
  • 74. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck! HTTP is your architecture 22 / 34
  • 75. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck! HTTP is your architecture 22 / 34
  • 76. Outline HTTP Layered architecture Request semantics Stateless server Code on demand HTTP is your architecture 23 / 34
  • 77. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 78. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 79. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 80. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 81. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 82. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless Server HTTP is your architecture 24 / 34
  • 83. Security Code generation is the root cause for webb application security problems. Escape for target context / language (XSS) HTTP is your architecture 25 / 34
  • 84. Security Code generation is the root cause for webb application security problems. Escape for target context / language (XSS) HTTP is your architecture 25 / 34
  • 85. Outline Introduction HTTP Taking it further Conclusion HTTP is your architecture 26 / 34
  • 86. Embrace HTTP HTTP HTTP Client Cache Load Balancer HTTP Application HTTP HTTP Load Cache Balancer HTTP Storage HTTP is your architecture 27 / 34
  • 87. Embrace HTTP HTTP HTTP Client Cache Load Balancer HTTP Application HTTP HTTP Load Cache Balancer ! re n, lu HTTP io a i nt of F te At oint Storage P le ng Si HTTP is your architecture 27 / 34
  • 88. Use HTTP actively Semantic HTTP methods URIs (address resources) Status codes Headers Cache control Content negotiation ... HTTP is your architecture 28 / 34
  • 89. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 90. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 91. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 92. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 93. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 94. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate client HTTP is your architecture 29 / 34
  • 95. Outline Introduction HTTP Taking it further Conclusion HTTP is your architecture 30 / 34
  • 96. Conclusion Use HTTP! HTTP is your architecture 31 / 34
  • 97. Conclusion Use HTTP, properly! HTTP is your architecture 31 / 34
  • 98. Q/A Questions? Comments? Feedback? HTTP is your architecture 32 / 34
  • 99. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right now HTTP is your architecture 33 / 34
  • 100. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right now This is very important for . . . Speakers Organizers You! HTTP is your architecture 33 / 34
  • 101. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right now Stay in touch Kore Nordmann Tobias Schlitt kore@qafoo.com toby@qafoo.com @koredn / @qafoo @tobySen / @qafoo Rent a PHP quality expert: http://qafoo.com HTTP is your architecture 33 / 34
  • 102. Bibliography I [Fie00] R. Fielding, Architectural styles and the design of network-based software architectures, Ph.D. thesis, University of California, Irvine, USA, 2000. [RF99] et al. R. Fielding, Hypertext transfer protocol – http/1.1, http://tools.ietf.org/html/rfc2616, June 1999. [vK10] Anne van Kesteren, Html5 differences from html4, http://www.w3.org/TR/2010/WD-html5-diff-20101019/, October 2010. HTTP is your architecture 34 / 34