October 7 training diary

When Li Jie used a third-party API to access a Word document, he encountered an error where the DLL could not be found. He explained that the DLL should also prevent the principle in the directory specified by the PATH environment variable, by the way, we also analyzed how to use Java to call the functions in the DLL written in C language. Java uses Java to call the C language DLL when you want to operate on specific resources on Windows, such as writing a registry or a Word document.
I reviewed the working principle of the web server, the process of accessing a multi-graph web page by a browser, and the format of the HTTP request message and Response Message.
Comparing HTTP 1.0 and HTTP 1.1, a single connection can provide an intuitive understanding of multiple requests and responses.
When explaining the role of the header field, I mentioned the role of cookie (for example, cookie is a number sent from the server to the browser ), the role of Session (session is a piece of memory allocated by the server for each browser ).
Various response status codes, demo of passing parameters in get and post modes, difference between applications (get for query, post for modification), and telnet to access get and post experiments on the Web server.
In-depth analysis of various request and response header fields:
Cache-control: No-Cache (*)
Connection: Close/keep-alive (*)
Date: Tue, 11 Jul 2000 18:23:51 GMT
Pragma: No-Cache (*)
Trailer: Date
Transfer-encoding: chunked (*)
Upgrade: HTTP/2.0, shttp/1.3
Via: HTTP/1.1 proxy1, HTTP/1.1 proxy2
Warning: any text
Cache-control example: dynamically generated images are not updated with the database, such as Access counters and stock analysis charts.
Chunked Transmission Encoding is used to access the Tomcat homepage for an experiment. I have a webpage. The server first reads the webpage content to the buffer zone. When the buffer zone is full or all the content of the webpage is loaded, it is sent to the browser, for the latter, the webpage size can be calculated. For the former, it can be sent to the browser several times, so the size cannot be calculated. Chunked is used, and each piece of data starts with its own size.

Accept: text/html, image /*(*)
Accept-charset: ISO-8859-1, unicode-1-1 (*)
Accept-encoding: gzip, compress (*)
Accept-language: En-GB, ZH-CN (*)
Authorization: Basic enh4ojeymzq1ng = (*)
Secondary CT: 100-continue
From: zxx@it315.org
HOST: www.it315.org: 80 (*)
If-Match: "xy1_"," r2d2xxxx"

If-modified-since: Tue, 11 Jul 2000 18:23:51 GMT (*)
If-None-Match: "xy1_"," r2d2xxxx"
If-range: Tue, 11 Jul 2000 18:23:51 GMT
If-unmodified-since: Tue, 11 Jul 2000 18:23:51 GMT
Max-forwards: 1
Proxy-authorization: Basic enh4ojeymzq1ng =
Range: bytes = 100-599 (*)
Value Range: bytes = 100-
Range: bytes =-100
Referer: http://www.it315.org/index.jsp (*)
Te: trailers, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0 )(*)

Accept-range: bytes (*)
Age: 315315315
Etag: b38b9-17dd-367c5dcd
Location: http://www.it315.org/index.jsp (*)
Proxy-Authenticate: Basic realm = "it315"
Retry-after: Tue, 11 Jul 2000 18:23:51 GMT
Server: Microsoft-IIS/5.0 (*)
Vary: Accept-Language
WWW-Authenticate: Basic realm = "it315 "(*)

Allow: Get, post
Content-encoding: gzip (*)
Content-language: ZH-CN (*)
Content-Length: 80 (*)
Content-location: http://www.it315.org/java_cn.html
Content-MD5: abcdabcdabcdabcdabcdab =
Content-range: bytes 2543-4532/7898 (*)
Content-Type: text/html; charset = gb2312 (*)
Expires: Tue, 11 Jul 2000 18:23:51 GMT (*)
Last-modified: Tue, 11 Jul 2000 18:23:51 GMT (*)

Content-MD5: although the browser receives the content returned by the server, but not sure whether the content sent by the server is corrupted during transmission, it can be verified through this Content-MD5.
Without the last-modified header field, the Servlet File will also be cached, And the cached page can be called up with the forward and backward buttons and press enter (enter the original address) in the browser address bar, however, clicking the hyperlink will send a new request. If the last-modified header field is added, no new request will be sent during this runtime of the browser, even if you click the hyperlink. A refresh request is sent every time (including nested images), but the response result is related to last-modified. If cache is disabled, no temporary files are cached.

Refresh header field
Refresh: 1
Refresh: 1, url = http://www.it315.org
Content-Disposition Header field
Content-Type: Application/octet-stream
Content-Disposition: attachment; filename=aaa.zip

Questions:
1. Briefly describe the differences between HTTP 1.1 and HTTP 1.0 based on your understanding.
2. Describe the composition structure of HTTP request messages and HTTP response messages.
3. In what situations does the browser use the get and post methods to access the Web server? If the parameter content sent by the browser to the Web server exceeds 1 kb, which method should I use to send the request message?
4. Describe the meaning of response status codes such as 200, 206, 302, 304, 401, 404, and 500.
5. list three header fields that disable browser cache and write the corresponding settings.
6. if the Web server program wants to return the webpage document content of the country language based on the browser version used by the visitor, which request header field sent by the browser should be checked to identify its country language information?
7. describe the role of the referer header field based on your understanding.
8. describe the role of the Content-Type header field based on your understanding. If you place a wordfile (.doc) in the root directory of the Tomcat server, you must enable the word program automatically when the IE browser accesses this word file. What are the conditions on the clients and tomcat servers where the IE browser is located.

Problems exposed:
Javascript is not enough, and JavaScript testing should be strengthened in future testing questions: for example, the difference between get and post methods of form with URL parameters.

Highlights:
Finally, I wrote a JSP to explain the role of the referer header field. By the way, the relationship between JSP and servlet is introduced. This article analyzes how a blog system can prevent <meta> element attacks, how to access this blog system for attacks, and conduct attack experiments after learning the session.