internet / intranet fall 2000 class 9. brandeis university internet/intranet spring 2000 2 class 9...
TRANSCRIPT
Internet / Intranet
Fall 2000
Class 9
Brandeis University Internet/Intranet Spring 2000 2
Class 9 Agenda
Milestone#3 - DiscussionPresentationsMiscellaneous Topics
CybersquattingPlug-Ins, MultimediaDevelopment Environments
Brandeis University Internet/Intranet Spring 2000 3
CybersquattingCybersquatting
Registering a Domain NameContains or Resembles Well-Know Commercial Names or Names of IndividualsWith Intent to:
Prevent Others From Using the NameProfit by Selling Domain Name to Trademark Owner or Individual
Trademark LawLegal Action Only if Domain Name is Used
Anticybersquatting Consumer Protection ActNovember 29, 1999Civil Lawsuits May be Filed by Trademark Holder
Against anyone who Registers, Traffics In, or Uses Domain Name Identical or Confusingly Similar to Protected TrademarkBad Faith Intent to Profit
“Confusingly Similar” to be Decided By Courts
Brandeis University Internet/Intranet Spring 2000 4
Cybersquatting (2)
EffectsReduce the Number of Domain NamesLegitimate Holders May Face Litigation
Bad Faith Factors:Harm Goodwill of Trademark HolderOffer to Sell Domain Without Actually Using it in Bona Fide Offering of Goods and Services (or past pattern of such conduct)Obtained Under False PretensesAcquisition of Multiple Domain Names With Knowledge That They are Similar to Protected Marks
Brandeis University Internet/Intranet Spring 2000 5
Cybersquatting (2)
EffectsReduce the Number of Domain NamesLegitimate Holders May Face Litigation
Bad Faith Factors:Harm Goodwill of Trademark HolderOffer to Sell Domain Without Actually Using it in Bona Fide Offering of Goods and Services (or past pattern of such conduct)Obtained Under False PretensesAcquisition of Multiple Domain Names With Knowledge That They are Similar to Protected Marks
Brandeis University Internet/Intranet Spring 2000 6
Cybersquatting (3)Absence of Bad Faith:
Domain Holder Has Legal Rights to ItDomain Name Commonly Used by Its HolderPast Use of Name in Conjunction with Bona Fide Goods or ServicesNoncommercial or Fair-Use PurposesName Not Distinctive and Famous When RegisteredReasonable Grounds to Believe it was Lawful
PenaltiesDomain Name Cancelled or Forfeited to Rightful OwnerDamages Up to $100,000 per Domain Name
JurisdictionCourt Where Domain Name Registrar is Located
Network Solutions Located in Virginia
Domain Name Registrars are Protected
Brandeis University Internet/Intranet Spring 2000 7
Cybersquatting(4)
ICANN Policies as a ResultMandatory Arbitration Most Registrars Expected to Adopt it
Some Ambiguities in the LawChallenges Expected
Brandeis University Internet/Intranet Spring 2000 8
A Quick Word About Java
JavaScript is Interpreted By the BrowserRun Within Browser EnvironmentLimited by Browser’s CapabilitiesSource Code is Part of HTML Page
Java is a Completely Separate LanguageBrowser Transfers a Java Program (“Applet”) to the Local Machine and Runs It
Output of Java Can Be Displayed Within the BrowserDesigned to Be Safe For Web Use
Otherwise Similar to Transfering .exe ProgramsCompiled Into .class Files
Pseudo-code: Requires a Java Virtual Machine to RunSource Code Hidden From Users
Does Not Have Access to Page Internals (DOM)
Brandeis University Internet/Intranet Spring 2000 9
Including a Java Applet in Your Page
<APPLET CODEBASE=“./japplets” CODE=“myapplet.class” HEIGHT=100 WIDTH=200 ><PARAM Name=Whirl Value=“True”><PARAM Name=Title Value=“WhirlyDemo”></APPLET>
Brandeis University Internet/Intranet Spring 2000 10
Plug-Ins
Platform Specific Extensions to Web BrowsersClient Side Equivalent to Server Extensions
Associated With a File ExtensionSimilar to MS-Windows Associations
If Installed, Files With Extension Will Invoke Program on Browser
Including a Plug-In in HTML<EMBED SRC=“filename.ext” WIDTH=200 HEIGHT=200 PINAMEx = VALUE PINAMEy = VALUE >
Height, Width Where Data is to Be Displayed in Browser Window
Name/Value Pairs are Arguments to the Plug-In
<NOMBED> </NOEMBED> Used to Provide Alternative
Plug-In Must Be From a Trusted SourceLike Any Other Program. Has Full Access to Local Computer
Plug-In DevelopmentNetscape, Microsoft Provide SDK’s
Brandeis University Internet/Intranet Spring 2000 11
Active XMicrosoft Specific“Plug-In” Technology That Allows Components to Run in Browser
Components are Accessible By Other Programs via OLEAllows Developers to Develop Internal Controls That are Web EnabledKey Advantage is Distribution
Active X Components Can Be Distributed via the WebAutomatically Downloaded As Part of Web Page (Unlike Plug-Ins)
Default Security Asks for Confirmation Must Come From a Trusted Source
Typically Used For Intranet Type Applications Or Large Commercial (“Trusted”) Organization
E.g. MicrosoftCertificates Verify Creator of Control
Third Party Verifies Sender is Who They Say They Are
OLE Documents Allow Including a Document in Another Application
E.g. Microsoft Office Applications Can Run Within Browser
Embed Into Web Page Using <CONTROL> TagMany Arguments. Typically Use ActiveX Control Pad to Insert Info
Brandeis University Internet/Intranet Spring 2000 12
Multimedia
Sound<BGSOUND SRC=“URL” LOOP=“Infinite”>
Internet Explorer OnlyCan Appear Anywhere in <BODY>
Best to Place it Near EndOtherwise Graphics Won’t Load Until Sound is Loaded
Default: Loop = 1Supports .wav, .au, .mid Formats
<EMBED src=“music.wav”>Requires Sound Plug-In (e.g. Real Audio)
Video<EMBED src=“movie.mpg”>
Requires Plug-In (or Download and Play Separately)<IMG DYNSRC=“movie.mpg” START=“mouseover” WIDTH=“150” HEIGHT=“100” LOOP=“-1”>
START – indicates when video should play
Brandeis University Internet/Intranet Spring 2000 13
Multimedia (2)
EnvironmentsShockwave / Flash
Development Environment Plus Plug-In PlaybackAllows Development of Animations User Interactivity
Audio Formats.mid – Provides the Music “Score”
Algorithm Generates the Music .wav – Microsoft Windows Sound File.au, .aif – Sun, Apple Sound Files.mp3 – Near CD-Quality Format. Great Compression.
Video Formats.avi – Microsoft Windows Video File.qt, .mov – Apple QuickTime Movie Format.mpg, .mpeg – Current Internet Video Standard.rm – Real Media. Proprietary Video Format
Brandeis University Internet/Intranet Spring 2000 14
Streaming Multimedia
Problem: Audio/Video Take a Long Time To Download
Technologies Require File to Be Downloaded Before PlayingClient Pull: Poor Solution
Requires Breaking Up the A/V into Small FilesChoppy Results
Solution: Stream the Transmission : Play in Near Real Time
Play the A/V as It’s Being SentRequires a Session to Be Efficient
HTTP is Stateless (No Sessions)
Plug-Ins Don’t Have to Use HTTPCan Use TCP/IP Directly
Brandeis University Internet/Intranet Spring 2000 15
Streaming (2)Streaming Issues
Broadcast vs. PlayBackCoordination of Video/Sound is Non TrivialRequire Significant Compression (Scalable)
Lower Resolution as Bandwidth DegradesMany Compression Algorithms Don’t Work in Real Time
Must Deal With Differing BandwidthsServer Performance
Internet IssuesPacket BasedCan’t Rely on Consistent BandwidthPackets May Arrive in Different Order
Errors Require Retransmission“Human Processing”
Video Can Become Choppy With Minor Inconvenience Lost Packets Can Be Skipped
Choppy Audio is UnintelligibleLost Packets Can Not Be Skipped
Brandeis University Internet/Intranet Spring 2000 16
Streaming TricksContinued Improvements ExpectedCompression (Hardware and Software)Buffering
Buffered Transmission Can Cover GlitchesTechnology
UDPFaster Than TCPDoesn’t Resend Packets in Error
New Real Time Control ProtocolsDeveloping New Internet Protocols
Use MulticastingPacket Transmission
Humans Can Deal With 1ms Loss, So:Break Audio Into 1 ms Chunks
Packets Too Small to Efficiently Send as 1msSend ms: 1, 4, 7, 10 in First Packet. 2, 5, 8, 11 in Second, etc.If One Packet Is Lost
Lose 1ms Every 4, Instead of a Contiguous 4 ms Chunk
Brandeis University Internet/Intranet Spring 2000 17
Streaming Multimedia Plug-InsServer Push (Data)
Server Updates HTML Page as NeededSports Scores, etc.
AudioAlmost There
Phone Quality Audio: 64kbps, 5 kbps CompressedCD Quality Audio: 700kbps, 64kbps Compressed
RealAudioBroadcast – AM Radio Qualitymp3 – Downloads of CD Quality Audio
VideoBandwidth Still an Issue
320x240x256 = 2.5 MBVideo Refreshes at 30 times per Second75 Mbps Required for Video
Still Pretty CrudeCompression Improving All the Time
Current: About 100x
Brandeis University Internet/Intranet Spring 2000 18
Other Common Plug-Ins
Adobe AcrobatPDF Files – Portable Document FormatPortable Distribution of “Printed” Documents
Allows Links, Some Text Search CapabilitiesViewable/Printable on Multiple PlatformsAuthor Can Restrict Access (e.g. Restrict Printing)Proprietary Format
Viewers are Freeware
Brandeis University Internet/Intranet Spring 2000 19
VRML
Virtual Reality Modeling Language3-D “Equivalent” of HTMLStandalone Browsers or Plug-Ins
Netscape, IE Make Plug-Ins Available
.wrl Extension. MIME type: x-world/x-vrml
Web 3D Consortiumhttp://www.web3d.org
Brandeis University Internet/Intranet Spring 2000 20
Development Environments
Target CustomerNovice – (Hide HTML From User)Experienced Developer – Make Process More Efficient
HTML EditorsTag EditorsGraphical WYSIWYG EditorsValidation
Site ManagementMacros/Pre-Processor’s/”Compilers”
Shorthand For More Complex TagsTypically Use Custom Tags
GUI Development EnvironmentConversion Tools
Convert Pages Designed in Other Environment Into HTML
E.g. Microsoft Office
Brandeis University Internet/Intranet Spring 2000 21
Common Development Environments
Microsoft FrontpageNovice Target
Hides Internals From User
Netscape Navigator GoldAdobe PageMillDreamweaver
Macromedia Flash
Brandeis University Internet/Intranet Spring 2000 22
Cookies Revisited
Cookies Are Name Value Pairs Passed in the HTTP HeaderCookies Have Associated Expiration
Session (Default)Date / Time
Associated With a URL Path, Not a Page!Allows Passing Parameters Between Web Pages
Thus Cookies are Used to Provide State Information to a Stateless Protocol
Brandeis University Internet/Intranet Spring 2000 23
Cookie Jar
Cookie Storage Internet Explorer c:\windows\cookies Each Has its Own FileNetscape Navigator cookies.txt (all kept in the file)
Limits20 Cookies4K Per Name/Value Pair
Brandeis University Internet/Intranet Spring 2000 24
More Cookies Cookies are Traditionally Set By Server
Set-CookieBrowser is Responsible For Maintaining Them
Stored On Client’s ComputerPassed to Server When Web Site is Revisited
HTTP-CookieCookie Attributes
Name – The Name of the CookieSubsequent References to Same Name Overwrites Cookie Attributes
Value – The Value of the Cookie Identified by NameExpiration – When the Cookie Expires
No Date Specified – Cookie Expires at End of SessionPast Date/Time – Delete the CookieFuture Date/Time – Delete the Cookie After This Date
Example
Brandeis University Internet/Intranet Spring 2000 25
Cookie Bits
Example CookieSet-Cookie: tollhouse=favorite;expires=Thursday, 16-Mar-2000 00:00:00 GMT;path=“”
Note That Date Must Follow This Format:Weekday, DD-MMM-YYYY HH:MM:SS GMT
RFCs specify GMT as the mechanism for handling time problems on the InternetHTTP-Cookie Only Sends Name/Value Pair
Brandeis University Internet/Intranet Spring 2000 26
Cookies - JavaScript
Cookies Can be Set in JavaScriptdocument.cookie = “ “Use Date.toGMTString() to set expiration dateE.g.
document.cookie = “version=1.0; ” + “expires=“ + edate.toGMTString();
To Read a Cookie Value in JavaScriptvar allcookies= document.cookie;var pos = allcookies.indexOf(“version=“);if (pos != -1) {
var start = pos +8; var end = allcookies.indexOf(“;”,start);if (end == -1) end = allcookies.length;var value = allcookies.substring(start,end);vervalue = unescape(value);
}
Brandeis University Internet/Intranet Spring 2000 27
Cookie Structure
Path InformationDefault is to Send Cookie to Any URL in the Same Directory or any Subdirectory of the Page Which Set CookiePath Attribute Can Request That Cookie Be Sent to All URLs in Path (and its Subdirectories)
Only Paths That are a Prefix of Current URL are AllowedIf Cookies Overlap, All are Sent.
Ordered by Most Specific to Least Specific MatchDomain Attribute – Allows Cookies to Be Shared Across Sites
Must Be Part of Same DomainE.g. boston.brandeis.edu and lab.brandeis.edu are part of the same domain but may be different servers
Secure – Only Sends Cookie If Secure Protocol is Used (e.g. SSL)
Brandeis University Internet/Intranet Spring 2000 28
Security Issues
Protections:Cookie Can Only Store Information Already Known to Server
Can’t Access Hard Disk, etc.
Data Only – Not Executed by Client MachineData Can’t Be Shared Across Sites
Concerns:Of Course This Assumes That Browser Follows the RulesBrowser Can Store Sensitive Information
E.g. If Server Doesn’t Set Secure Tag, a Credit Card # May Be Passed in Clear to Another Page in Same Path
“Invisible” to UsersPaths Are Not Always Obvious
E.g. Multiple Sites Receive Graphics From DoubleClick Server
DoubleClick Can Now Gather “Cross-Site” Information
Zealous privacy folks advocate turning off cookies