Week 4 - Web layer continued Flashcards
Example of a proxy Just read
Okay, let me try to explain the proxy concept with a simple example:
Imagine you’re browsing the web on your laptop at home. When you type in a website address, like www.example.com, your web browser doesn’t actually connect directly to that website’s server. Instead, it first connects to a proxy server.
The proxy server sits between your laptop (the client) and the actual example.com server. When your browser sends a request to the proxy for www.example.com, here’s what happens:
The proxy receives your request for www.example.com.
The proxy first checks its own cache to see if it has a copy of the website content that it can quickly serve back to your browser. This is called a “cache hit” - the proxy can satisfy your request without needing to contact the actual example.com server.
If the content is not in the proxy’s cache (a “cache miss”), then the proxy will forward your request on to the example.com server. It will take the response from example.com, and send that back to your browser, translating it through the HTTP protocol.
So in summary, the proxy acts as an intermediary, receiving requests from you (the client) and trying to satisfy those requests as quickly as possible, either from its own cache or by contacting the actual server on your behalf. This can improve performance and save bandwidth compared to your browser talking directly to the website’s server.
The key benefit of using a proxy is that it can optimize and manage the communication between many clients and many servers, caching content and controlling the traffic flow.
Why is PUT idempotent
Remember PUT is used to modify
MODIFY TO ABSOLUTE VALUES
i.e. "set x to be 15" is a PUT
This is idempotent because no matter how many times you repeat it, x will always be 15
Things that violate:
Using PUT to increment is bad REST - violates idempotency
as repeating an increment won't have the same effect
Example I provided above in relation to the slides
The slide states that a “proxy” is an intermediary selected by the client, usually via local configuration rules. In the example, the web browser on the user’s laptop is configured to route its requests through the proxy server, rather than connecting directly to the web server.
The slide mentions that the proxy “receives requests for URLs and attempts to satisfy those requests via translation through the HTTP interface.” In the example, when the user’s browser sends a request to www.example.com, the proxy receives that request.
The slide explains that the proxy will first check if it can satisfy the request using its own cache. In the example, this is where the proxy checks its cache to see if it has a cached copy of the example.com website content that it can quickly return to the browser, instead of forwarding the request to the actual server.
If the content is not in the proxy’s cache, the slide states that the proxy will forward the request to the actual server. In the example, if the content is not in the proxy’s cache, it will then pass the request along to the example.com web server.
Finally, the slide mentions that proxies are often used in organizations to group and manage HTTP requests through a common intermediary, which can be for reasons like security, annotation services, or shared caching. In the example, the proxy is serving this centralized role, optimizing and managing the communication between multiple clients and servers.
Forward (regular) proxy
Forward Proxy:
Sits in front of CLIENTS
Example benefits:
Hides client IP addresses from the internet
Controls what websites employees can visit
Monitors internet usage
Can block malicious websites
Caches common requests to save bandwidth
Reverse Proxy:
Sits in front of SERVERS
Example benefits:
Load balancing across servers
SSL encryption handling
Protection from attacks
Caching to reduce server load
Is a proxy transparent and explain why
They are not transparent. This is because clients are specifically configured to access the proxy
NO NEED TO BE TRANSPARENT AS THIS JUST ADDS DIFFICULTIES :
No point where traffic will always flow through like in the case of a reverse proxy (as it just sits in front of server)
Is a reverse proxy transparent and explain why
Reverse proxy is transparent - the client doesn't need to be aware of the reverse proxy - under the hood the reverse proxy routes them to a specific server based on a load balancing mechanism
Reverse proxy (transparent):
Client doesn’t know it exists
Just sends requests to what it thinks is the server
Reverse proxy silently handles routing and load balancing
Safe
Read only operation
Idempotent
Can be repeated with SAME effect
eg PUT is idempotent -
2 updates that are the same will have the same effect
PUT /users/123
{"name": "John", "age": 30}
Do this once: User 123 becomes {"name": "John", "age": 30}
Do this five times: User 123 is still {"name": "John", "age": 30}
eg POST is NOT idempotent as you are creating 2 different resources
cacheable
response can be cached
Summary of everything I learned for the week
look in laptop ins for week 4 too
Here’s a comprehensive overview of REST, Proxies, Cookies, and URI design:
REST Architecture Basics:
Transfers representations of resources, not actual resources
Uses standard formats (JSON, XML, etc.)
Stateless: each request contains all needed information
Server doesn’t remember previous requests
Client must remember resource URLs
Proxies:
Forward Proxy:
Sits in front of CLIENTS
Protects/represents clients
Features:
Monitor internet usage
Block websites
Cache content
Hide client IPs
Reverse Proxy:
Sits in front of SERVERS
Protects/represents servers
Features:
Load balancing
SSL handling
Security
Caching
State Management:
Stateless Architecture:
State distributed between client/server
Each request independent
Server crash doesn’t lose session data
Client remembers URLs
Resource data in database
Stateful Architecture:
State saved on server
Server remembers sessions
Server crash loses session data
More vulnerable to failures
Cookies:
Purpose:
Small data pieces server sends to browser
Browser stores and returns with future requests
Helps identify returning clients
Issues with REST:
Creates site-wide state (non-RESTful)
Affects all requests to entire site
Can create state mismatches
Browser-specific storage
URI Design:
Hierarchical Structure:
General → Specific
Example: /category/subcategory/item/id
Best Practices:
Clear domain naming
Logical structure
Consistent patterns
Self-descriptive
Human-readable
Types:
Public Sector: /transport/road/M5/junction/24
Supply Chain: /gtin/productcode
General Use: /users/username/posts/date
Key Points to Remember:
REST is about resource representations
Proxies serve different purposes based on placement
State should be carefully managed
Cookies can conflict with REST principles
URIs should be well-structured and meaningful
what is status code 200
Everything went okay
eg:
GET /api/users/123
Response: 200
{
"name": "John",
"email": "john@example.com"
}
User exists and data was successfully returned
what is status code 303
current server can't handle -> redirects to another server
eg:
POST /api/upload
Response: 303
Location: /api/cdn-server/upload
Server redirects large file upload to a dedicated file server
what is status code 404
Not Found
eg:
GET /api/products/999999
Response: 404
{
"error": "Product not found"
}
Tried to access a product that doesn’t exist in database
What is server driven negotiation
Server determines the best response based on info sent by the client (usually through the Accept headers, which state the client's preferences)
Evaluates things like the client's preferred languages, supported content types, and device capabilities to automatically select the most appropriate version of a resource to send back.
extra good info for server driven negotiation just read
extra good info :
Quality Values (q-values):
Clients can specify preference weights in their Accept headers
For example: Accept: text/html;q=0.9, text/plain;q=0.8, */*;q=0.5
Higher q-values (0-1) indicate stronger preferences
Best Match Selection:
The server compares available formats against the Accept headers
It tries to find the closest match, even if not perfect
Falls back to less preferred but acceptable alternatives
Default Behavior:
If no acceptable match is found, server typically:
Returns a 406 (Not Acceptable) status code, OR
Falls back to a default format (often text/html)
Might serve the content in available format despite preferences
What is agent driven negotiation
This involves the client (user agent) taking a more active role in the content selection process.
After receiving initial information from the server about available options, the client makes an explicit choice about which version of the content it wants.
bare minimum difference
server driven negotiation -> server uses client info given in accept headers which detail preferences -> server returns best response
Agent driven negotiation -> server returns info on all available options to client - client explicitly chooses preferred option
Question 1
Suggest methods you know to send a GET request to
http://localhost:9090/
GET requests:
Can use browser URL bar (just type the URL)
Can use developer tools / external tools like curl at command line
Can use JavaScript/fetch
Very accessible and default method
Suggest methods you know to send other requests
more general
Other than GET you typically CANNOT USE WEB BROWSER:
developer tools
external tools like curl at command line
Can use JavaScript/fetch
What is a web session
A series of contiguous actions done within a given time frame