Web Technologies Demystified

Max Moroz
October, 2000

At a minimum, a website is a few files written in pure HTML, plus a piece of software running on a computer with an Internet connection, which displays those files to visitors. That software is called web server; the computer it runs on is also called a web server. The visitor's computer is called the client. This arrangement is still used today. But today, you can only find a website that uses nothing but HTML only in a museum of antiquity (look for signs Early to Mid-1990s).

A modern website has moved far beyond the capabilities of HTML. We begin by listing general categories of functionality where HTML is hopelessly insufficient. Then, we will explain how different technologies relate to those features.

Back-end. A website may need to perform some computation or data processing based on the information you provided. This may include accessing a separate database (e.g., to store your billing data, or to look up your order status). Or it may simply be summing up the prices of items you ordered, to display the total amount.
Development. Web designers are worth their weight in gold, and yet there are never enough. Various technologies can save web designers' time. Some allow to update many pages in a website simultaneously; others offer add-ons with which a single line of code creates a complex user interface feature.
Non-PC devices. The most advanced websites explore ways to be available not just over a regular browser, but also over wireless connections to PDAs or cell phones. A small wireless device cannot understand complex technology, such as JavaScript; also it usually cannot display images (bandwidth limitations would make it impractical to use a lot of images anyway). Therefore, special techniques are required to make browsing from a phone or PDA reasonably efficient.
Personalization. Any major website personalizes its content, at least to some extent, for every visitor. Yahoo and Amazon are, perhaps, the best examples.
Security. Most commercial websites must provide security for every aspect of interaction with visitors.
User interface. Pure HTML is very limited in this area, and does not allow effects as menus that "unroll" when you move your mouse over them, tables that can be sorted by clicking on a column heading, annoying ads that try to play games with you, etc.

We will also distinguish server-side and client-side technologies. A server-side technology uses the web server to perform various actions. The result is sent over the network to the client. A client-side technology runs directly on the web visitor's computer. A server-side application that tries to display a lot of results to the user will suffer from network delays and speed limitations. A client-side technology does not need to worry about the network connection (unless it needs a lot of data from the server). But it can slow down or crash the user's computer. Also, it will typically require the web user to have a sufficiently powerful device; almost no client-side technology can run on a cell phone or PDA today.

Finally, since Netscape effectively lost the browser wars, we will not include technologies that are intended primarily for Netscape rather than IE.

Technology Categories Type Description

XML (Extensible Markup Language) back-end, user interface, development server-side and client-side A language similar to HTML that allows the authors to tag various pieces of the document so that a computer understands more about the document structure. For instance, you can mark the word Anderson as either an organization name or a personal name. Suppose you created a website for the Anderson school not using XML. A user wants to search for a student called Anderson. She is really out of luck, as she will mostly get pages that talk about the school itself. But if you used XML, she could tell the search engine that she is looking for a person.
XML also allows personalization
At present, XML is used very little on the web at large; it is mostly pioneered in intranet and extranet applications custom-built for large corporations.
More info: http://www.searchxmlresources.com/

Java applet user interface client-side Java is a very powerful modern programming language. It can be used to create any type of software application.
A Java applet is just a software application written in Java that is intended for the web. That is, it is linked from a web page, so when you come to that page, the application starts running.
The main difference between an applet and a fully-blown Java application is that an applet is restricted in functionality for security reasons; for instance, it cannot freely access your hard drive. When you go to a website, you do not know what applets are included in it, and who wrote them and why -- so giving an applet full control of your computer is absolutely unacceptable.
More info: http://java.sun.com/

JavaScript and JScript user interface client-side A very simple language (usually called scripting language, to distinguish it from more powerful and complex programming languages) for enriching the display and interactivity of web pages. Typical example is a button that changes color as you move your mouse over it. A more useful example is a menu that rolls out more details when you click a category; this is done without loading a whole new page, and even without connecting to the web server.
JavaScript is Netscape's technology, but fully adopted by Microsoft. When JavaScript is used inside IE browser, it is called JScript.
JavaScript is not related to Java, except that it somewhat resembles Java.
More info: http://javascript.internet.com/

VBScript user interface client-side Similar to JavaScript. Developed by Microsoft, and does not work in Netscape. A simplified variant of Visual Basic.
More info: http://msdn.microsoft.com/scripting/default.htm?/scripting/vbscript/

CSS (Cascading Style Sheets) user interface, development, personalization client-side Instructions for the browser about how to display the page (font, layout, etc.). Using CSS, the author of the web page has full control over what the user sees, regardless of the browser settings, etc. In addition, CSS allows web designer to define complex formatting styles, and then use them with a short command, instead of specifying all the fonts, sizes, layout, etc., every time.
More info: http://www.w3.org/Style/

DHTML (Dynamic HTML) user interface client-side Refers to the combination of HTML, CSS and JavaScript, which together allow creating web pages that interact with the user. Originally meant for Netscape, but works in IE as well.
More info: http://wdvl.com/Authoring/DHTML/

SSI (Server-Side Include) development server-side An instruction inside a web page for the web server. For instance, it may ask the server to include another web page inside the current one (typically, a navigation bar, or some other common header or footer). This saves a lot of time when this common element needs to be updated in hundreds of pages throughout the website.
More info: http://wdvl.com/Authoring/SSI/

CGI (Common Gateway Interface) back-end server-side CGI is the oldest server-side technology. It was available in very early browsers, and was supported by very early versions of HTML. It is still used today: whenever you see a question mark (?) in the URL address, you usually see CGI in action.
CGI simply tells the server what the user typed into an HTML form. So if you type your name and address, and press submit, CGI transmits that information to the server. Then, software on the server processes that information and sends the result back to the user. That software must be written specifically for each occasion; any programming language can be used (such as C/C++, Java or Perl).
More info: http://wdvl.com/Authoring/CGI/

ASP (Active Server Pages) back-end, user interface, personalization server-side A technology from Microsoft that works only with Microsoft web server software (but browser brand does not matter). This technology allows to execute scripting languages such as VBScript and JavaScript on the server. This results in better uniformity (since the server is controlled by the website owner, while each browser is different) and offloads the processing from the user computer.
Since ASP runs on the server, it also offers additional functionality not available with client-side scripting. For instance, an ASP page can connect to a database to get the information to be displayed.
Pages that use ASP have extension .asp rather than .htm or .html.
More info: http://wdvl.com/Authoring/ASP/

JSP (Java Server Pages) back-end, user interface, personalization server-side JSP is similar in function to ASP and CGI. It allows a web server to process user input or perform some other functions and return the results to the user's browser. JSP code is written in java, and is called a servlet.
JSP is supported by all major web server software.
More info: http://java.sun.com/products/servlet/

PHP (originally Personal Home Page tools, it is no longer unabbreviated) user interface, back-end server-side Scripting language for use on the server. Free (developed by Linux enthusiasts). Supported by all web servers. Similar to ASP in functionality, but simpler and less powerful.
More info: http://wdvl.com/Authoring/Languages/PHP/

cookies personalization client-side A small amount of information that a website can store inside the user's computer to later recognize that user when she returns to the website. A cookie can do nothing else, but it is enough to create very powerful features. For instance, a website can track a user as she navigates between web pages; then using that information, it can be redesigned for better navigational efficiency. Or a website can remember that a user is interested in certain types of products, and then when the same user returns to the site, serve her appropriate ads. Further, it can share that information with other websites, so that they also serve similar ads to her.
Cookies provide website owners a view of the user's behavior, so they naturally raise privacy concerns. On the other hand, cookies greatly enhance your web surfing experience. Therefore, most people do not switch off the cookies, even though browsers allow to do that.
More info: http://www.cookiecentral.com/

SSL (Secure Sockets Layer) security client-side and server-side Supported by all major web browsers and web servers. When information is sent from the user to the web server and back, it is encrypted using RSA public/private key system.
A web server exchanges public keys with a user. Then all communications between the web server and the user is secure.
More info: http://home.netscape.com/security/techbriefs/ssl.html?cp=sciln

S-HTTP (Secure HTTP) security client-side and server-side An alternative technology to SSL. It seems to disappear off the map, as SSL is far ahead in adoption.

WAP non-PC devices client-side The set of standards, which include WML, to enable wireless access to the web. WAP deals with all aspect of communication with a wireless device, from getting the information over the poor quality and slow connection, to displaying it on the tiny text-only screen.
While WAP-enabled phones are widely available in Europe, and even made their way into the US, the adoption is slow. The browsing experience is greatly weakened by the limitations of bandwidth, display and lack of keyboard or mouse. Some experts believe WAP is doomed to extinction, and until next generation wireless offers high bandwidth, web over wireless will not take off.
More info: http://www.wap-resources.net/ and http://www.allnetdevices.com/faq/

WML (Wireless Markup Language), formerly called HDML (Handheld Devices Markup Language) non-PC devices client-side Analog of HTML for wireless devices. It is tuned to cell phones but can also be used on PDAs, such as Palm.
More info: see WAP.

Technology	Categories	Type	Description
XML (Extensible Markup Language)	back-end, user interface, development	server-side and client-side	A language similar to HTML that allows the authors to tag various pieces of the document so that a computer understands more about the document structure. For instance, you can mark the word Anderson as either an organization name or a personal name. Suppose you created a website for the Anderson school not using XML. A user wants to search for a student called Anderson. She is really out of luck, as she will mostly get pages that talk about the school itself. But if you used XML, she could tell the search engine that she is looking for a person. XML also allows personalization At present, XML is used very little on the web at large; it is mostly pioneered in intranet and extranet applications custom-built for large corporations. More info: http://www.searchxmlresources.com/
Java applet	user interface	client-side	Java is a very powerful modern programming language. It can be used to create any type of software application. A Java applet is just a software application written in Java that is intended for the web. That is, it is linked from a web page, so when you come to that page, the application starts running. The main difference between an applet and a fully-blown Java application is that an applet is restricted in functionality for security reasons; for instance, it cannot freely access your hard drive. When you go to a website, you do not know what applets are included in it, and who wrote them and why -- so giving an applet full control of your computer is absolutely unacceptable. More info: http://java.sun.com/
JavaScript and JScript	user interface	client-side	A very simple language (usually called scripting language, to distinguish it from more powerful and complex programming languages) for enriching the display and interactivity of web pages. Typical example is a button that changes color as you move your mouse over it. A more useful example is a menu that rolls out more details when you click a category; this is done without loading a whole new page, and even without connecting to the web server. JavaScript is Netscape's technology, but fully adopted by Microsoft. When JavaScript is used inside IE browser, it is called JScript. JavaScript is not related to Java, except that it somewhat resembles Java. More info: http://javascript.internet.com/
VBScript	user interface	client-side	Similar to JavaScript. Developed by Microsoft, and does not work in Netscape. A simplified variant of Visual Basic. More info: http://msdn.microsoft.com/scripting/default.htm?/scripting/vbscript/
CSS (Cascading Style Sheets)	user interface, development, personalization	client-side	Instructions for the browser about how to display the page (font, layout, etc.). Using CSS, the author of the web page has full control over what the user sees, regardless of the browser settings, etc. In addition, CSS allows web designer to define complex formatting styles, and then use them with a short command, instead of specifying all the fonts, sizes, layout, etc., every time. More info: http://www.w3.org/Style/
DHTML (Dynamic HTML)	user interface	client-side	Refers to the combination of HTML, CSS and JavaScript, which together allow creating web pages that interact with the user. Originally meant for Netscape, but works in IE as well. More info: http://wdvl.com/Authoring/DHTML/
SSI (Server-Side Include)	development	server-side	An instruction inside a web page for the web server. For instance, it may ask the server to include another web page inside the current one (typically, a navigation bar, or some other common header or footer). This saves a lot of time when this common element needs to be updated in hundreds of pages throughout the website. More info: http://wdvl.com/Authoring/SSI/
CGI (Common Gateway Interface)	back-end	server-side	CGI is the oldest server-side technology. It was available in very early browsers, and was supported by very early versions of HTML. It is still used today: whenever you see a question mark (?) in the URL address, you usually see CGI in action. CGI simply tells the server what the user typed into an HTML form. So if you type your name and address, and press submit, CGI transmits that information to the server. Then, software on the server processes that information and sends the result back to the user. That software must be written specifically for each occasion; any programming language can be used (such as C/C++, Java or Perl). More info: http://wdvl.com/Authoring/CGI/
ASP (Active Server Pages)	back-end, user interface, personalization	server-side	A technology from Microsoft that works only with Microsoft web server software (but browser brand does not matter). This technology allows to execute scripting languages such as VBScript and JavaScript on the server. This results in better uniformity (since the server is controlled by the website owner, while each browser is different) and offloads the processing from the user computer. Since ASP runs on the server, it also offers additional functionality not available with client-side scripting. For instance, an ASP page can connect to a database to get the information to be displayed. Pages that use ASP have extension .asp rather than .htm or .html. More info: http://wdvl.com/Authoring/ASP/
JSP (Java Server Pages)	back-end, user interface, personalization	server-side	JSP is similar in function to ASP and CGI. It allows a web server to process user input or perform some other functions and return the results to the user's browser. JSP code is written in java, and is called a servlet. JSP is supported by all major web server software. More info: http://java.sun.com/products/servlet/
PHP (originally Personal Home Page tools, it is no longer unabbreviated)	user interface, back-end	server-side	Scripting language for use on the server. Free (developed by Linux enthusiasts). Supported by all web servers. Similar to ASP in functionality, but simpler and less powerful. More info: http://wdvl.com/Authoring/Languages/PHP/
cookies	personalization	client-side	A small amount of information that a website can store inside the user's computer to later recognize that user when she returns to the website. A cookie can do nothing else, but it is enough to create very powerful features. For instance, a website can track a user as she navigates between web pages; then using that information, it can be redesigned for better navigational efficiency. Or a website can remember that a user is interested in certain types of products, and then when the same user returns to the site, serve her appropriate ads. Further, it can share that information with other websites, so that they also serve similar ads to her. Cookies provide website owners a view of the user's behavior, so they naturally raise privacy concerns. On the other hand, cookies greatly enhance your web surfing experience. Therefore, most people do not switch off the cookies, even though browsers allow to do that. More info: http://www.cookiecentral.com/
SSL (Secure Sockets Layer)	security	client-side and server-side	Supported by all major web browsers and web servers. When information is sent from the user to the web server and back, it is encrypted using RSA public/private key system. A web server exchanges public keys with a user. Then all communications between the web server and the user is secure. More info: http://home.netscape.com/security/techbriefs/ssl.html?cp=sciln
S-HTTP (Secure HTTP)	security	client-side and server-side	An alternative technology to SSL. It seems to disappear off the map, as SSL is far ahead in adoption.
WAP	non-PC devices	client-side	The set of standards, which include WML, to enable wireless access to the web. WAP deals with all aspect of communication with a wireless device, from getting the information over the poor quality and slow connection, to displaying it on the tiny text-only screen. While WAP-enabled phones are widely available in Europe, and even made their way into the US, the adoption is slow. The browsing experience is greatly weakened by the limitations of bandwidth, display and lack of keyboard or mouse. Some experts believe WAP is doomed to extinction, and until next generation wireless offers high bandwidth, web over wireless will not take off. More info: http://www.wap-resources.net/ and http://www.allnetdevices.com/faq/
WML (Wireless Markup Language), formerly called HDML (Handheld Devices Markup Language)	non-PC devices	client-side	Analog of HTML for wireless devices. It is tuned to cell phones but can also be used on PDAs, such as Palm. More info: see WAP.