HTTP is your architecture                       International PHP Conference Spring Edition                               ...
About us            Degree in computer sience            More than 10 years of       Qafoo                                ...
About us            Degree in computer sience            More than 10 years of       Qafoo                                ...
About us            Degree in computer sience            More than 10 years of       Qafoo                                ...
About us                                        Co-founders of            Degree in computer sience            More than 1...
About us                                             Co-founders of            Degree in computer sience            More t...
About us                                             Co-founders of            Degree in computer sience            More t...
Outline     Introduction     HTTP     Taking it further     ConclusionHTTP is your architecture   3 / 34
Aspects of a web application             Scalability             Reliability             Simplicity             Usability ...
Architecture                                     LCoDC$SS             Who heard of this term before?                     T...
Architecture                                     LCoDC$SS             Who heard of this term before?                     T...
Architecture                                     LCoDC$SS             Who heard of this term before?                     T...
Architecture                            LCoDC$SSHTTP is your architecture              6 / 34
Architecture                            Layered CoDC$SSHTTP is your architecture                     6 / 34
Architecture                     Layered Code on Demand C$SSHTTP is your architecture                          6 / 34
Architecture        Layered Code on Demand Client $S ServerHTTP is your architecture                         6 / 34
Architecture         Layered Code on Demand Client Cached S                         ServerHTTP is your architecture       ...
Architecture           Layered Code on Demand Client Cached                      Stateless ServerHTTP is your architecture...
Outline     Introduction     HTTP     Taking it further     ConclusionHTTP is your architecture   7 / 34
Outline     HTTP       Layered architecture       Request semantics       Stateless server       Code on demandHTTP is you...
Layered architecture            What is required?                                                Client                   ...
Layered architecture            What is required?                                                Client                   ...
Layered architecture            What is required?                                                Client                   ...
Layered architecture            What is required?                                                       Client            ...
Outline     HTTP       Layered architecture       Request semantics       Stateless server       Code on demandHTTP is you...
HTTP methods                            Mostly unknown                                HEAD          Well known            ...
HTTP methods                            Mostly unknown                                HEAD          Well known            ...
HTTP methods                            Mostly unknown                                HEAD          Well known            ...
HTTP methods                            Mostly unknown                                HEAD          Well known            ...
HTTP methods                            Mostly unknown                                HEAD          Well known            ...
“Safe” HTTP methods     [..] GET and HEAD methods SHOULD NOT have the significance              of taking an action other t...
“Safe” HTTP methods     [..] GET and HEAD methods SHOULD NOT have the significance              of taking an action other t...
“Safe” HTTP methods     [..] GET and HEAD methods SHOULD NOT have the significance              of taking an action other t...
“Safe” HTTP methods     [..] GET and HEAD methods SHOULD NOT have the significance              of taking an action other t...
Is your search form broken? 1   <form a c t i o n=” / s e a r c h ” method=”POST”> 2     <i n p u t t y p e=” t e x t ” na...
Is your search form broken? 1   <form a c t i o n=” / s e a r c h ” method=”POST”> 2     <i n p u t t y p e=” t e x t ” na...
Is your search form broken? 1   <form a c t i o n=” / s e a r c h ” method=”POST”> 2     <i n p u t t y p e=” t e x t ” na...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
POST vs. PUT             POST                     . . . is used to request that the origin server accept the entity       ...
HTML 5 is broken!      Using PUT and DELETE as HTTP methods for the form element                     is no longer supporte...
Idempotent methods                                      f (x) = f (f (x))             Everything but POST has to be idempo...
Idempotent methods                                      f (x) = f (f (x))             Everything but POST has to be idempo...
Idempotent methods                                      f (x) = f (f (x))             Everything but POST has to be idempo...
Idempotent methods                                      f (x) = f (f (x))             Everything but POST has to be idempo...
Idempotent methods                                      f (x) = f (f (x))             Everything but POST has to be idempo...
HTTP method fail in PHP             $ GET contains the request parameters             $ POST contains the request body    ...
HTTP method fail in PHP             $ GET contains the request parameters             $ POST contains the request body    ...
HTTP method fail in PHP             $ GET contains the request parameters             $ POST contains the request body    ...
HTTP method fail in PHP             $ GET contains the request parameters             $ POST contains the request body    ...
Do you speak HTTP?             GET and HEAD must be supported             All other methods are optional             But i...
Do you speak HTTP?             GET and HEAD must be supported             All other methods are optional             But i...
Do you speak HTTP?             GET and HEAD must be supported             All other methods are optional             But i...
Do you speak HTTP?             GET and HEAD must be supported             All other methods are optional             But i...
Outline     HTTP       Layered architecture       Request semantics       Stateless server       Code on demandHTTP is you...
Stateless server             No persistent connection             Each request contains all information to be processed   ...
Stateless server             No persistent connection             Each request contains all information to be processed   ...
Stateless server             No persistent connection             Each request contains all information to be processed   ...
Stateless server             No persistent connection             Each request contains all information to be processed   ...
Stateless server             No persistent connection             Each request contains all information to be processed   ...
Drawbacks / Benefits             Drawbacks                     Users do have state             Benefits                     ...
Drawbacks / Benefits             Drawbacks                     Users do have state             Benefits                     ...
Drawbacks / Benefits             Drawbacks                     Users do have state             Benefits                     ...
Drawbacks / Benefits             Drawbacks                     Users do have state             Benefits                     ...
Drawbacks / Benefits             Drawbacks                     Users do have state             Benefits                     ...
Share nothing!             PHP itself follows a share nothing architecture                     Clean PHP instance for each...
Share nothing!             PHP itself follows a share nothing architecture                     Clean PHP instance for each...
Share nothing!             PHP itself follows a share nothing architecture                     Clean PHP instance for each...
Share nothing!             PHP itself follows a share nothing architecture                     Clean PHP instance for each...
Share nothing!             PHP itself follows a share nothing architecture                     Clean PHP instance for each...
Outline     HTTP       Layered architecture       Request semantics       Stateless server       Code on demandHTTP is you...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Do you?       In the code-on-demand style, a client component . . . receives that                     code, and executes i...
Security         Code generation is the root cause for webb application security                                   problem...
Security         Code generation is the root cause for webb application security                                   problem...
Outline     Introduction     HTTP     Taking it further     ConclusionHTTP is your architecture   26 / 34
Embrace HTTP                                                  HTTP                       HTTP                             ...
Embrace HTTP                                                  HTTP                       HTTP                             ...
Use HTTP actively             Semantic HTTP methods             URIs (address resources)             Status codes         ...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
What about REST?             What is REST actually?                     “New” style web services                     Follo...
Outline     Introduction     HTTP     Taking it further     ConclusionHTTP is your architecture   30 / 34
Conclusion                            Use HTTP!HTTP is your architecture               31 / 34
Conclusion                            Use HTTP, properly!HTTP is your architecture                         31 / 34
Q/A                       Questions? Comments? Feedback?HTTP is your architecture                               32 / 34
Thanks for listening                                      Please rate this talk at                                 http://...
Thanks for listening                                      Please rate this talk at                                 http://...
Thanks for listening                                      Please rate this talk at                                 http://...
Bibliography I     [Fie00] R. Fielding, Architectural styles and the design of network-based             software architec...
Upcoming SlideShare
Loading in …5
×

international PHP2011_Kore Nordmann_Tobias Schlitt_Modular Application Architecture

527 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
527
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

international PHP2011_Kore Nordmann_Tobias Schlitt_Modular Application Architecture

  1. 1. HTTP is your architecture International PHP Conference Spring Edition Kore Nordmann (@koredn) Tobias Schlitt (@tobySen) May 31, 2011HTTP is your architecture 1 / 34
  2. 2. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projectsHTTP is your architecture 2 / 34
  3. 3. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projectsHTTP is your architecture 2 / 34
  4. 4. About us Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projectsHTTP is your architecture 2 / 34
  5. 5. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts Contributing to various FLOSS projectsHTTP is your architecture 2 / 34
  6. 6. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts We help people to create Contributing to various high quality PHP FLOSS projects applications.HTTP is your architecture 2 / 34
  7. 7. About us Co-founders of Degree in computer sience More than 10 years of Qafoo passion for software quality professional PHP Open source enthusiasts We help people to create Contributing to various high quality PHP FLOSS projects applications. http://qafoo.comHTTP is your architecture 2 / 34
  8. 8. Outline Introduction HTTP Taking it further ConclusionHTTP is your architecture 3 / 34
  9. 9. Aspects of a web application Scalability Reliability Simplicity Usability Security Standard ComplianceHTTP is your architecture 4 / 34
  10. 10. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00]HTTP is your architecture 5 / 34
  11. 11. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00]HTTP is your architecture 5 / 34
  12. 12. Architecture LCoDC$SS Who heard of this term before? This is HTTP. [Fie00]HTTP is your architecture 5 / 34
  13. 13. Architecture LCoDC$SSHTTP is your architecture 6 / 34
  14. 14. Architecture Layered CoDC$SSHTTP is your architecture 6 / 34
  15. 15. Architecture Layered Code on Demand C$SSHTTP is your architecture 6 / 34
  16. 16. Architecture Layered Code on Demand Client $S ServerHTTP is your architecture 6 / 34
  17. 17. Architecture Layered Code on Demand Client Cached S ServerHTTP is your architecture 6 / 34
  18. 18. Architecture Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 6 / 34
  19. 19. Outline Introduction HTTP Taking it further ConclusionHTTP is your architecture 7 / 34
  20. 20. Outline HTTP Layered architecture Request semantics Stateless server Code on demandHTTP is your architecture 8 / 34
  21. 21. Layered architecture What is required? Client Request semantic Stateless server HTTP Application DatabaseHTTP is your architecture 9 / 34
  22. 22. Layered architecture What is required? Client Request semantic Stateless server HTTP Application DatabaseHTTP is your architecture 9 / 34
  23. 23. Layered architecture What is required? Client Request semantic Stateless server HTTP Proxy HTTP Application DatabaseHTTP is your architecture 9 / 34
  24. 24. Layered architecture What is required? Client Request semantic Stateless server HTTP Load Balancer HTTP Application DatabaseHTTP is your architecture 9 / 34
  25. 25. Outline HTTP Layered architecture Request semantics Stateless server Code on demandHTTP is your architecture 10 / 34
  26. 26. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . .HTTP is your architecture 11 / 34
  27. 27. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . .HTTP is your architecture 11 / 34
  28. 28. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . .HTTP is your architecture 11 / 34
  29. 29. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . .HTTP is your architecture 11 / 34
  30. 30. HTTP methods Mostly unknown HEAD Well known OPTIONS GET TRACE POST CONNECT Less known WebDAV PUT MKCOL DELETE PROPSET PROPGET Use any you want. . .HTTP is your architecture 11 / 34
  31. 31. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 12 / 34
  32. 32. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 12 / 34
  33. 33. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 12 / 34
  34. 34. “Safe” HTTP methods [..] GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. [RF99] . . . so it is safe for spiders to call them. Since nothing is modified, the result can be cached. Proxies can use that automatically Varnish / Squid Company application proxies Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 12 / 34
  35. 35. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search resultsHTTP is your architecture 13 / 34
  36. 36. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search resultsHTTP is your architecture 13 / 34
  37. 37. Is your search form broken? 1 <form a c t i o n=” / s e a r c h ” method=”POST”> 2 <i n p u t t y p e=” t e x t ” name=” term ” /> 3 <i n p u t t y p e=” s u b m i t ” v a l u e=” S e a r c h ! ” /> 4 </ form> Broken semantics Search results may not be cached No bookmarking of search resultsHTTP is your architecture 13 / 34
  38. 38. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  39. 39. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  40. 40. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  41. 41. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  42. 42. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  43. 43. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  44. 44. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  45. 45. POST vs. PUT POST . . . is used to request that the origin server accept the entity enclosed in the request as a new subordinate . . . [RF99] Appends to an existing resource! e.g. an existing collection of documents Examples Posting a message to a bulletin board Extending a database through an append operation PUT . . . requests that the enclosed entity be stored under the supplied Request-URI. [RF99] Creates or replaces a resource! Examples Updating account data using (PUT /users/42) Create a new resource with known identifierHTTP is your architecture 14 / 34
  46. 46. HTML 5 is broken! Using PUT and DELETE as HTTP methods for the form element is no longer supported. [vK10]HTTP is your architecture 15 / 34
  47. 47. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systemsHTTP is your architecture 16 / 34
  48. 48. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systemsHTTP is your architecture 16 / 34
  49. 49. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systemsHTTP is your architecture 16 / 34
  50. 50. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systemsHTTP is your architecture 16 / 34
  51. 51. Idempotent methods f (x) = f (f (x)) Everything but POST has to be idempotent Executing the request again, should not change anything. This includes PUT and DELETE Really useful to just resend request, if one failed due to network problems Idempotence is a useful property in all messaging systemsHTTP is your architecture 16 / 34
  52. 52. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->bodyHTTP is your architecture 17 / 34
  53. 53. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->bodyHTTP is your architecture 17 / 34
  54. 54. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->bodyHTTP is your architecture 17 / 34
  55. 55. HTTP method fail in PHP $ GET contains the request parameters $ POST contains the request body All HTTP requests may contain body and parameters Yes, even GET! You may want to use something like $request->parameters $request->bodyHTTP is your architecture 17 / 34
  56. 56. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates.HTTP is your architecture 18 / 34
  57. 57. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates.HTTP is your architecture 18 / 34
  58. 58. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates.HTTP is your architecture 18 / 34
  59. 59. Do you speak HTTP? GET and HEAD must be supported All other methods are optional But if you implement them, they must obey to semantics Sorry, your website is not HTTP, if you . . . . . . are using POST for a search form. . . . are using POST for data updates.HTTP is your architecture 18 / 34
  60. 60. Outline HTTP Layered architecture Request semantics Stateless server Code on demandHTTP is your architecture 19 / 34
  61. 61. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 20 / 34
  62. 62. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 20 / 34
  63. 63. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 20 / 34
  64. 64. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 20 / 34
  65. 65. Stateless server No persistent connection Each request contains all information to be processed Cookies Servers can be exchanged transparently Mind the sessions and static data Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 20 / 34
  66. 66. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover SimplicityHTTP is your architecture 21 / 34
  67. 67. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover SimplicityHTTP is your architecture 21 / 34
  68. 68. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover SimplicityHTTP is your architecture 21 / 34
  69. 69. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover SimplicityHTTP is your architecture 21 / 34
  70. 70. Drawbacks / Benefits Drawbacks Users do have state Benefits Scalability Failover SimplicityHTTP is your architecture 21 / 34
  71. 71. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck!HTTP is your architecture 22 / 34
  72. 72. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck!HTTP is your architecture 22 / 34
  73. 73. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck!HTTP is your architecture 22 / 34
  74. 74. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck!HTTP is your architecture 22 / 34
  75. 75. Share nothing! PHP itself follows a share nothing architecture Clean PHP instance for each request By default no shared resources It’s your job to obey to it! Session storage? Database server? File access? App servers usually suck!HTTP is your architecture 22 / 34
  76. 76. Outline HTTP Layered architecture Request semantics Stateless server Code on demandHTTP is your architecture 23 / 34
  77. 77. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  78. 78. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  79. 79. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  80. 80. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  81. 81. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  82. 82. Do you? In the code-on-demand style, a client component . . . receives that code, and executes it locally. [Fie00] Do you deliver code on demand? You do! JavaScript HTML is also just code although not turing complete Layered Code on Demand Client Cached Stateless ServerHTTP is your architecture 24 / 34
  83. 83. Security Code generation is the root cause for webb application security problems. Escape for target context / language (XSS)HTTP is your architecture 25 / 34
  84. 84. Security Code generation is the root cause for webb application security problems. Escape for target context / language (XSS)HTTP is your architecture 25 / 34
  85. 85. Outline Introduction HTTP Taking it further ConclusionHTTP is your architecture 26 / 34
  86. 86. Embrace HTTP HTTP HTTP Client Cache Load Balancer HTTP Application HTTP HTTP Load Cache Balancer HTTP StorageHTTP is your architecture 27 / 34
  87. 87. Embrace HTTP HTTP HTTP Client Cache Load Balancer HTTP Application HTTP HTTP Load Cache Balancer ! re n, lu HTTP io a i nt of F te At oint Storage P le ng SiHTTP is your architecture 27 / 34
  88. 88. Use HTTP actively Semantic HTTP methods URIs (address resources) Status codes Headers Cache control Content negotiation ...HTTP is your architecture 28 / 34
  89. 89. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  90. 90. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  91. 91. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  92. 92. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  93. 93. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  94. 94. What about REST? What is REST actually? “New” style web services Follow HTTP / LCoDC$SS Follow resources / concept character of URIs Use proper status codes HATEOAS Hypermedia as the Engine of Application State [Fie00] Short: Use hyper links to delegate clientHTTP is your architecture 29 / 34
  95. 95. Outline Introduction HTTP Taking it further ConclusionHTTP is your architecture 30 / 34
  96. 96. Conclusion Use HTTP!HTTP is your architecture 31 / 34
  97. 97. Conclusion Use HTTP, properly!HTTP is your architecture 31 / 34
  98. 98. Q/A Questions? Comments? Feedback?HTTP is your architecture 32 / 34
  99. 99. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right nowHTTP is your architecture 33 / 34
  100. 100. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right now This is very important for . . . Speakers Organizers You!HTTP is your architecture 33 / 34
  101. 101. Thanks for listening Please rate this talk at http://joind.in/3502 and (optionally) give us some feedback right now Stay in touch Kore Nordmann Tobias Schlitt kore@qafoo.com toby@qafoo.com @koredn / @qafoo @tobySen / @qafoo Rent a PHP quality expert: http://qafoo.comHTTP is your architecture 33 / 34
  102. 102. Bibliography I [Fie00] R. Fielding, Architectural styles and the design of network-based software architectures, Ph.D. thesis, University of California, Irvine, USA, 2000. [RF99] et al. R. Fielding, Hypertext transfer protocol – http/1.1, http://tools.ietf.org/html/rfc2616, June 1999. [vK10] Anne van Kesteren, Html5 differences from html4, http://www.w3.org/TR/2010/WD-html5-diff-20101019/, October 2010.HTTP is your architecture 34 / 34

×