DOCSLIB.ORG

3-Tier Architectures

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
3-Tier Architectures 3-Tier Web Architectures Ramakrishnan & Gehrke, Chapter 7 www.w3schools.com www.webdesign.com … Databases & Web Services (P. Baumann) 1 Overview . Three-tier architectures . Presentation tier . Application tier Databases & Web Services (P. Baumann) 2 Components of Data-Intensive Systems . Presentation • Primary interface to the user • Needs to adapt to different display devices (PC, PDA, cell phone, voice access, …) . Application (“business”) logic • Implements business logic (implements complex actions, maintains state between different steps of a workflow) • Accesses different data management systems . Data management • One or more standard database management systems . system architecture determines whether these three components reside on a single system (“tier) or are distributed across several tiers Databases & Web Services (P. Baumann) 3 Client-Server Architectures . Work division: Thin client • Client implements only graphical user interface • Server implements business logic and data management . Work division: Thick client • Client implements both graphical user interface and business logic • Server implements data management Databases & Web Services (P. Baumann) 4 Single-Tier Architectures . All functionality combined into a single tier • usually on a mainframe • User access through dumb terminals . Advantage app_1 app_n • Easy maintenance and administration server . Disadvantages • users expect graphical user interfaces • Heavy load on central system Databases & Web Services (P. Baumann) 5 Disadvantages of Thick Clients . No central place to update the business logic . Security issues: Server needs to trust clients • Access control and authentication needs to be managed at the server • Clients need to leave server database in consistent state • One possibility: Encapsulate all database access into stored procedures . Does not scale to more than several 100s of clients • high data transfer volume between server and client • More than one server creates a problem: x clients, y servers => x*y connections Databases & Web Services (P. Baumann) 6 The Three-Tier Architecture Presentation tier Client Program (Web Browser) Middle tier Application Server Data management tier Database Management System Databases & Web Services (P. Baumann) 7 Advantages of a 3-Tier Architecture . Modularity . Integrated data access • Tiers can be independently • Several database systems handled maintained, modified, replaced transparently at middle tier . Scalability • Central management of connections • Replication at middle tier permits . Easier software development scalability of business logic • Code for business logic is centralized, . Thin clients easier to maintain • well-defined APIs between tiers allow • Only presentation layer at client use of standard components (web browsers), no biz logic interoperability Databases & Web Services (P. Baumann) 9 Overview of Technologies: Client-Side . Contents presented by browser (static) • Text, HTML/CSS, XML/DTD/XSL, images, movies, audio, ... Contents interpreted by the browser • Dynamic HTML; Browser scripting: JavaScript, VBScript, ... Code executed by browser • in browser context: Java applets, ActiveX, … • Dedicated programs in browser context = plug-ins: flash, ... • External programs launched by browser = Helper applications . Security always an issue: keeping client (!) safe from intruders Databases & Web Services (P. Baumann) 10 Overview of Technologies: Server-Side . Static contents (eg, HTML) with executable code • SSI (Server-Side Includes), XSSI • Server-side Scripting (Livewire, ASP, PHP, JSP, ...) . Generated contents • Separate process per call: CGI • Within server context: Fast-CGI, Servlets, ... Server extensions • Google APIs, NSAPI, IISAPI, Apache modules, ... • Database gateways/frontends . Application servers . Security always an issue: keeping server (!) safe from intruders Databases & Web Services (P. Baumann) 11 Technologies HTML, CSS, Javascript Presentation Tier Ajax (Web Server & Browser) Cookies Application Server JSP, Servlets, CGI, … Database Management System Tables, XML, JSON, … Stored Procedures Databases & Web Services (P. Baumann) 12 Lecture Overview . Three-tier architectures . Presentation tier . Application tier Databases & Web Services (P. Baumann) 13 The Presentation Tier . Recall: Functionality of the presentation tier • Primary interface to the user • Needs to adapt to different display devices (PC, PDA, cell phone, voice access?) • For efficiency, simple functionality (ex: input validity checking) . Mechanisms: • HTML Forms • Dynamic HTML / JavaScript • CSS Databases & Web Services (P. Baumann) 14 HTML Forms . Common way to communicate data from client to middle tier . General format of a form: • <form action=“page.jsp” method=“GET” name=“loginForm”> <input type=… value=… name=…> </form> . Components of an HTML form tag: • action: URI that handles the content • method: HTTP GET or POST method • name: Name of the form; can be used in client-side scripts to refer to the form Databases & Web Services (P. Baumann) 15 JavaScript . Goal: Add functionality to the presentation tier . Sample applications: • Detect browser type and load browser-specific page • Browser control: Open new windows, close existing windows (example: pop-ups) • Client-side interaction (conditional forms elements, validation, …) . JavaScript optimal for Web browser because • Built-in engine • Operates directly on “browser brain” = DOM Databases & Web Services (P. Baumann) 16 Inset: HTML and DOM Exercise: <TABLE> draw DOM tree for some HTML snippet <TBODY> <TR> <TD>Shady Grove</TD> <TD>Aeolian</TD> </TR> <TR> <TD>Over the River, Charlie</TD> <TD>Dorian</TD> </TR> </TBODY> </TABLE> Databases & Web Services (P. Baumann) 17 JavaScript: Example . HTML Form: . Associated JavaScript: <form method=”GET“ name=“LoginForm” <script language="javascript"> action="TableOfContents.jsp"> function testEmpty() Login: { loginForm = document.LoginForm <input type="text" name="userid"/> if ( (loginForm.userid.value == "") || Password: (loginForm.password.value == "") ) <input type="password“ name="password"/> { alert( „Error: Empty userid or password.„ ); <input type="submit“ value="Login“ return false; name="submit” onClick=“testEmpty()”/> } <input type=“reset” value=“Clear”/> else </form> return true; } </script> Databases & Web Services (P. Baumann) 18 Lecture Overview . Three-tier architectures . Presentation tier . Application tier Databases & Web Services (P. Baumann) 20 The Middle (Application) Tier . Recall: Functionality of the middle tier • Encodes business logic • Connects to database system(s) • Accepts form input from the presentation tier • Generates output for the presentation tier . Mechanisms: • CGI: Protocol for passing arguments to programs running at the middle tier • Application servers: Runtime environment at the middle tier • Servlets: Java programs at the middle tier • PHP: Program parts in schematic documents (see earlier) • How to maintain state at the middle tier Databases & Web Services (P. Baumann) 21 CGI: Common Gateway Interface . Goal: Transmit arguments from HTML forms to application programs running at the middle tier . Details of the actual CGI protocol unimportant • libraries implement high-level interfaces . Disadvantages: • application program invoked in new process at every invocation (remedy: FastCGI) • No resource sharing (database connections!) between application programs (remedy: application servers) Databases & Web Services (P. Baumann) 22 Application Server: Process Structure Web Browser . Idea: Avoid overhead of CGI HTTP . Manage thread pool of workers, connections, sessions Web Server Application Server C++ JavaBeans JDBC ... ODBC DBMS 1 DBMS 2 Pool of Servlets Databases & Web Services (P. Baumann) 23 Servlets vs. PHP . Servlets • Generate HTML by writing it to the “PrintWriter” object • Code first, webpage second . PHP • Written in HTML, Servlet-like code embedded in the HTML • Webpage first, code second • also executed by web server . Best suited for…? • servlets for “heavy-weight” services with high processing share • PHP for “light-weight” services with few processing Databases & Web Services (P. Baumann) 25 Ex: Java With HTML Inside Vice versa, ie: HTML with PHP inside? See earlier example & your project! Databases & Web Services (P. Baumann) 26 Speed Comparison . Where is the overhead with CGI? • Fork process • Load Perl interpreter • Initialize Perl runtime system • Load payload script • Interpret / precompile&execute script . Sample benchmarks [LAMP book] • CGI vs. mod_perl 36 : 6 = 6 • /cgi-bin vs. /perl 200 : 8 = 25 Databases & Web Services (P. Baumann) 27 Maintaining Client State . http is stateless – but there is information that needs to persist • Old customer orders • “Click trails” of a user‟s movement through a site • Permanent choices a user makes . Advantages • Easy to use: don‟t need anything • Great for static-information applications • Requires no extra memory space . Disadvantage: No record of previous requests means: • No shopping baskets, no user logins • No custom or dynamic content • Security is more difficult to implement Databases & Web Services (P. Baumann) 28 Where to Keep Application State? . Client-side state • Information is stored on the client‟s computer in the form of a cookie . Hidden state • Information is hidden within dynamically created web pages . Server-side state • Information is stored in a database, or in the application layer‟s local memory Databases & Web Services (P. Baumann) 29 Server-Side State . Various
Load more

Recommended publications
  • Protecting Browser State from Web Privacy Attacks
    Protecting Browser State from Web Privacy Attacks Collin Jackson Andrew Bortz Stanford University Stanford University [email protected] [email protected] Dan Boneh John C Mitchell Stanford University Stanford University [email protected] [email protected] ABSTRACT malicious attackers is critical for privacy and security, yet Through a variety of means, including a range of browser this task often falls by the wayside in the push for function- cache methods and inspecting the color of a visited hyper- ality. link, client-side browser state can be exploited to track users An important browser design decision dating back to Net- against their wishes. This tracking is possible because per- scape Navigator 2.0 [10] is the \same-origin" principle, which sistent, client-side browser state is not properly partitioned prohibits web sites from different domains from interacting on per-site basis in current browsers. We address this prob- with another except in very limited ways. This principle lem by refining the general notion of a \same-origin" policy enables cookies and JavaScript from sites of varying trust- and implementing two browser extensions that enforce this worthiness to silently coexist on the user's browser without policy on the browser cache and visited links. interfering with each other. It is the failure to apply an ap- We also analyze various degrees of cooperation between propriate adaptation of the same-origin principle to all per- sites to track users, and show that even if long-term browser sistent browser state that is the source of the most alarming state is properly partitioned, it is still possible for sites to web privacy leaks.
    [Show full text]
  • Automated Cross-Browser Compatibility Testing
    Automated Cross-Browser Compatibility Testing ∗ Ali Mesbah Mukul R. Prasad Electrical and Computer Engineering Trusted Systems Innovation Group University of British Columbia Fujitsu Laboratories of America Vancouver, BC, Canada Sunnyvale, CA, USA [email protected] [email protected] ABSTRACT web browsers render web content somewhat differently [18, With the advent of Web 2.0 applications and new browsers, 24, 25, 26]. However, the scope and impact of this problem the cross-browser compatibility issue is becoming increas- has been rapidly growing due to two, fairly recent trends. ingly important. Although the problem is widely recognized First, modern, rich-content web applications have a heavy among web developers, no systematic approach to tackle client-side behavioral footprint, i.e., they are designed to ex- it exists today. None of the current tools, which provide ecute significant elements of their behavior exclusively on the screenshots or emulation environments, specifies any notion client-side, typically within the web browser. Further, tech- of cross-browser compatibility, much less check it automat- nologies such as Ajax [12], Flash, and event-handling for ically. In this paper, we pose the problem of cross-browser dynamic HTML, which support this thick-client behavior, compatibility testing of modern web applications as a `func- are the very aspects in which web browsers differ. tional consistency' check of web application behavior across Second, recent years have seen an explosion in the num- different web browsers and present an automated solution ber of available web browsers. There are nearly 100 different for it. Our approach consists of (1) automatically analyzing web browsers available today [31].
    [Show full text]
  • Cgi Environment Variables
    Appendix A CGI ENVIRONMENT VARIABLES The original specification for the Common Gateway Interface (CGI) established a list of environment variables, or aspects of the server and of the users connec- The complete CGI specification, http:// tion that would always be made known to CGI scripts. These variables remain a hoohoo.ncsa.uiuc.edu/cgi/ basic part of writing CGI scripts and have also been adopted in other server-side interface.html scripting languages, including server-side includes, ASP, and PHP. This list of the CGI environment variables below is annotated. SERVER_SOFTWARE The name and complete version information of the Web server software. Some server-side software adds itself to SERVER_SOFTWARE string. For example, Apache/1.3.26 (Unix) PHP/4.2.3. SERVER_NAME The servers domain name or IP address. GATEWAY_INTERFACE The version of the CGI specification in use. For example, CGI/1.1. CGI scripts are executable programs that can also be run as command-line programs on the server. The script can use the presence of a GATEWAY_INTERFACE environment variable to determine that it is being run as a CGI script. SERVER_PROTOCOL The communications protocol and version number used to request the script. For example, HTTP/1.1. SERVER_PORT Library Technology Reports The port number to which the request was sent. Sites running Web services on ports other than the default of 80 may want scripts to behave differently for users on different ports. REQUEST_METHOD The HTTP method used for the request. For example, GET or POST. A common use of this variable is have one script handle both the job of displaying a form to the user and of handling the forms submission.
    [Show full text]
  • Fingerprinting Information in Javascript Implementations
    Fingerprinting Information in JavaScript Implementations Keaton Moweryy, Dillon Bogenreif*, Scott Yilek*, and Hovav Shachamy yDepartment of Computer Science and Engineering *Department of Computer and Information Sciences University of California, San Diego University of St. Thomas La Jolla, California, USA Saint Paul, Minnesota, USA ABSTRACT employ additional means to identify the user and the sys- To date, many attempts have been made to fingerprint users tem she is using. Hardware tokens are appropriate in certain on the web. These fingerprints allow browsing sessions to be settings, but their cost and inconvenience form a barrier to linked together and possibly even tied to a user's identity. ubiquitous use. For such sites, browser and user fingerprints They can be used constructively by sites to supplement tra- form an attractive alternative to hardware tokens. On the ditional means of user authentication such as passwords; and (reasonable) assumption that typical users will usually log they can be used destructively to counter attempts to stay in from a single machine (or, at most, a handful), JavaScript anonymous online. fingerprinting allows sites to harden passwords against ac- In this paper, we identify two new avenues for browser fin- count hijacking with a minimum of user inconvenience. gerprinting. The new fingerprints arise from the browser's Destructively, fingerprints can also be used to identify JavaScript execution characteristics, making them difficult and track users, even when those users wish to avoid be- to simulate or mitigate in practice. The first uses the innate ing tracked. The most familiar browser fingerprinting tech- performance signature of each browser's JavaScript engine, nology is the cookie, a client-side datastore partitioned by allowing the detection of browser version, operating system domain and path.
    [Show full text]
  • Invasive Browser Sniffing and Countermeasures
    Invasive Browser Sniffing and Countermeasures Markus Jakobsson Sid Stamm Indiana University Indiana University Bloomington, Indiana USA Bloomington, Indiana USA [email protected] [email protected] ABSTRACT credentials; subjects in the control group received an email We describe the detrimental effects of browser cache/history appearing to come from an unknown person within the same sniffing in the context of phishing attacks, and detail an ap- domain as themselves. Even though the same statistics may proach that neutralizes the threat by means of URL person- not apply to the general population of computer users, it is alization; we report on an implementation performing such clear that it is a reasonably successful technique of luring personalization on the fly, and analyze the costs of and se- people to sites where their browsers silently will be interro- curity properties of our proposed solution. gated and the contents of their caches sniffed. Once a phisher has created an association between an email address and the contents of the browser cache/history, Categories and Subject Descriptors then this can be used to target the users in question with H.4.3 [Information Systems]: Communications Applica- phishing emails that – by means of context – appear plausi- tions—Information browsers ble to their respective recipients. For example, phishers can infer online banking relationships (as was done in [4]), and General Terms later send out emails appearing to come from the appro- priate financial institutions. Similarly, phishers can detect Security, Human Factors possible online purchases and then send notifications stating that the payment did not go through, requesting that the Keywords recipient follow the included link to correct the credit card Browser cache, cascading style sheets, personalization, phish- information and the billing address.
    [Show full text]
  • Intermediaries: Ways of Exploiting New Technologies a Number of New Technologies Have Emerged Recently, Such As HTML 4.0, CSS2.0, XML and HTTP 1.1
    Web Focus Corner: Intermediaries: Ways Of Exploiting New Technologies A number of new technologies have emerged recently, such as HTML 4.0, CSS2.0, XML and HTTP 1.1. Other new web technologies appear to be waiting, just around the corner. But we can't expect all users to upgrade to the latest version of their favourite browser. In this article Brian Kelly describes ways in which new technologies can be deployed. Since February 1998 HTML 4.0 [1], CSS 2.0[2], the Mathematical Markup Language MathML [3] and the Extensible Markup Language XML [4] have all become W3C Recommendations. These web protocols, all of which are concerned with the way in which information can be represented and displayed, were initially Working Drafts which were developed by the appropriate W3C Working Group. The Working Drafts were then made publicly available as W3C Proposed Recommendations. Following a review period the Proposed Recommendations were voted on by W3C member organisations. Following a successful vote, the Proposed Recommendations became Recommendations. But how widely used are these new web protocols? Today's web community, being so large and consisting of a majority who probably have little interest in the underlying web technologies, is reluctant to upgrade to new versions of browsers, due to a lack of knowledge, interest, technical skills or resources. More experienced web users remember the "browser wars" and the problems of being an early adopter of technologies. What are the implications of this conservatism? Can we simply ignore these new technologies? Revisiting the recommendations and looking at the new features they provide it would appear that we cannot afford to ignore these technologies if we wish to develop richer, more elegant and more maintainable web services.
    [Show full text]
  • The Unexpected Dangers of Dynamic Javascript
    The Unexpected Dangers of Dynamic JavaScript Sebastian Lekies, Ruhr-University Bochum; Ben Stock, Friedrich-Alexander-Universität Erlangen-Nürnberg; Martin Wentzel and Martin Johns, SAP SE https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/lekies This paper is included in the Proceedings of the 24th USENIX Security Symposium August 12–14, 2015 • Washington, D.C. ISBN 978-1-939133-11-3 Open access to the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX The Unexpected Dangers of Dynamic JavaScript Sebastian Lekies Ben Stock Martin Wentzel Ruhr-University Bochum FAU Erlangen-Nuremberg SAP SE [email protected] [email protected] [email protected] Martin Johns SAP SE [email protected] Abstract the fly. In turn, this enabled the transformation of the Web’s initial document-centric nature into the versatile Modern Web sites frequently generate JavaScript on-the- platform that we know today. fly via server-side scripting, incorporating personalized 2. Browser-driven Web front-ends: Furthermore, the user data in the process. In general, cross-domain access Web browser has proven to be a highly capable container to such sensitive resources is prevented by the Same- for server-provided user interfaces and application logic. Origin Policy. The inclusion of remote scripts via the Thanks to the flexible nature of the underlying HTML HTML script tag, however, is exempt from this policy. model and the power of client-side scripting via Java- This exemption allows an adversary to import and exe- Script, the server can push arbitrary user interfaces to the cute dynamically generated scripts while a user visits an browser that rival their counterparts of desktop applica- attacker-controlled Web site.
    [Show full text]
  • Browseraudit: Automated Testing of Browser Security Features
    ifact t * r * Comple t te A A n * te W E is s * e C n l l o D C A o * * c T BrowserAudit: Automated Testing u e m S s E u e S e n I R t v e o d t y * s E a * a l d u e a of Browser Security Features t Charlie Sergio Maffeis Chris Novakovic Hothersall-Thomas Department of Computing Department of Computing Netcraft Ltd, UK Imperial College London, UK Imperial College London, UK [email protected] [email protected] [email protected] ABSTRACT As such, browsers need to offer a variety of standardised The security of the client side of a web application relies on security mechanisms which can be relied upon uniformly browser features such as cookies, the same-origin policy and by the client side of web applications, in order to deliver HTTPS. As the client side grows increasingly powerful and security guarantees to their users. For example, the same- sophisticated, browser vendors have stepped up their offering origin policy (SOP) [34] is effective at preventing a range of security mechanisms which can be leveraged to protect of cross-site scripting (XSS) attacks [38] against users' web it. These are often introduced experimentally and informally browsers and is an integral aspect of modern web-based se- and, as adoption increases, gradually become standardised curity. On the other hand, it is sometimes excessively strict; (e.g., CSP, CORS and HSTS). Considering the diverse land- for instance, it forbids the sharing of information between scape of browser vendors, releases, and customised versions different subdomains, a common requirement of large web for mobile and embedded devices, there is a compelling need sites.
    [Show full text]
  • 8 Myths About Mobile Optimization
    8 MYTHS ABOUT MOBILE OPTIMIZATION EXPLORE THE MOST COMMON MISCONCEPTIONS AROUND BUILDING MOBILE FRIENDLY SITES Introduction Did you use Google today? What about Amazon, Twitter or Netflix? If so, you have benefitted from device detection technology. Far from being outdated, device detection is more important than ever as the web is becoming increasingly global and is consumed on a wide range of devices. These days, it’s truly a world-wide web. Some web users are using powerful desktop PCs with big screens and high speed fibre connections; others are using mobile devices with unreliable 3G, data connections or airport WiFi. To think that the same web experience will work well for both is delusional, not to mention bad for business. Device detection helps smooth out these bumps in the user experience by helping to tailor the experience to the user. Tailoring the user experience means happier users and wider market reach. In this guide we will help you understand why the top web brands are all using device detection to deliver world-class experiences on the web. Ronan Cremin, DeviceAtlas CTO 8 Mobile Optimization Myths Myth #1 You need a separate mobile URL, unless you use responsive design. Some people may think there are only two options for a mobile-optimized site: you either go responsive, or build a mobile site with a different URL. This opinion assumes that the mobile site must be a very basic, useless version of the desktop site making mobile users tap the ‘switch to desktop’ button as soon as they can find it.
    [Show full text]
  • HTML5 for Publishing Decision Makers: the Technology Behind the Scenes of Interactive Books Q&A Webinar
    webinar Q&A HTML5 for Publishing Decision Makers: The Technology Behind the Scenes of Interactive Books Unanswered Questions from the March 26, 2013 Live Event Respondents: Jean Kaplansky, Solutions Architect, Aptara | Maria Bartoszewicki, Director of Interactive eBooks, Aptara Moderator: Jeremy Greenfield, Digital Book World Question Answer Where can a publishing house get With regard to information for appropriate business models to distribute content, information on appropriate business Google is your friend here. The first thing you need to start looking at is information models for starting to distribute their about content strategy in general. Business rules and content strategy drive content digitally? Guidance in working requirements for creation, production, all the way through distribution. One of the contracts with authors, working with best ways to get an introduction to this aspect of working with eBooks and previously published books, etc. would interactive content is to attend conferences like DBW and TOCC, where things like be appreciated. contacts and working with previously published books are discussed in conference sessions and sometimes during keynote speeches. –JK What is your opinion on the continued If your business requirements and content strategy dictate that you are going to use of Flash for highly interactive distribute content to the iOS platform, then Flash should not be used. If distribution content? to mobile platforms is a known future business requirement, then project teams should start investigating whether or not they can implement an HTML5-based solution now in order to create interactive content that will not have to be completely converted or rewritten in the future.
    [Show full text]
  • Atlantis: Robust, Extensible Execution Environments for Web Applications
    Atlantis: Robust, Extensible Execution Environments for Web Applications James Mickens Mohan Dhawan Microsoft Research Rutgers University [email protected] [email protected] ABSTRACT variety of standards that define the software stack for web Today’s web applications run inside a complex browser en- applications [14, 19, 36, 52, 55]. In practice, the aggregate vironment that is buggy, ill-specified, and implemented in specification is so complex that it is difficult for any browser different ways by different browsers. Thus, web applications to implement it properly. To further complicate matters, that desire robustness must use a variety of conditional code browser vendors often add new features without consulting paths and ugly hacks to deal with the vagaries of their run- other vendors. Thus, each browser defines an idiosyncratic time. Our new exokernel browser, called Atlantis, solves JavaScript interpreter, HTML parser, and layout engine. this problem by providing pages with an extensible execu- tion environment. Atlantis defines a narrow API for basic These components are loosely compatible across different services like collecting user input, exchanging network data, vendors, but fine-tuning an application for multiple brows- and rendering images. By composing these primitives, web ers often means developing specialized application code in- pages can define custom, high-level execution environments. tended for just one browser. For example: Thus, an application which does not want a dependence on Atlantis’ predefined web stack can selectively redefine com- • Writing a portable web-based GUI is challenging be- ponents of that stack, or define markup formats and script- cause different browsers handle mouse and keyboard ing languages that look nothing like the current browser run- events in different, buggy ways (§2.4.1).
    [Show full text]
  • HTML5 Advertising Going Forward ������������������������������������������������������������325
    www.it-ebooks.info For your convenience Apress has placed some of the front matter material after the index. Please use the Bookmarks and Contents at a Glance links to access them. www.it-ebooks.info Contents at a Glance Foreword ��������������������������������������������������������������������������������������������������������������������������� xix About the Author ��������������������������������������������������������������������������������������������������������������� xxi About the Technical Reviewer ����������������������������������������������������������������������������������������� xxiii Acknowledgments ������������������������������������������������������������������������������������������������������������ xxv Introduction �������������������������������������������������������������������������������������������������������������������� xxvii ■ Chapter 1: The Campaign Process �������������������������������������������������������������������������������������1 ■ Chapter 2: Evolution of Advertising Technology ��������������������������������������������������������������21 ■ Chapter 3: Advertising with Web Standards ��������������������������������������������������������������������37 ■ Chapter 4: Using Canvas, SVG, and Web Fonts ����������������������������������������������������������������61 ■ Chapter 5: Animations and Presentations �����������������������������������������������������������������������85 ■ Chapter 6: HTML5 APIs ��������������������������������������������������������������������������������������������������121
    [Show full text]