Server-side scripting - HTML

Server-side scripts are run by the Web server. Typically, these scripts are referred to as CGI scripts, CGI being an acronym for Common Gateway Interface, the first interface for server-side Web scripting. Server-side scripts impose more load on the server, but generally don’t influence the client—even output to the client is optional; the client may have no idea that the server is running a script.

Perl, Python, PHP, and Java are all examples of server-side scripting languages. The script typically resides only on the server, but is called by code in the HTML document. Although server-side scripts cannot read or write to the client’s file system, they usually have some access to the server’s file system. As such, it is important that the system administrator take appropriate measures to secure server-side scripts and limit their access.

Note Unless you are a system administrator on the Web server you use to deploy your content, your ability to use server-side scripts is probably limited. Your ISP or system administrator has policies that allow or disallow server-side scripting in various languages and performing various tasks.

If you intend to use server-side scripts, you should check with your ISP or system administrator to determine what resources are available to you. This chapter deals with client-side scripting.

Setting the Default Scripting Language

To embed a client-side script in your document you use the <script> tag. This tag has the following, minimal format:

<script type=“script_type”>

The value of script_type depends on the scripting language you are using. The following are generally used script types:

✦ text/ecmascript ✦ text/javascript ✦ text/jscript ✦ text/vbscript ✦ text/vbs ✦ text/xml

For example, if you are using JavaScript, your script tag would resemble the following:

<script type=“text/javascript”>

Note The W3C recommends that you specify the default script type using an appropriate META tag in your document. Such a tag resembles the following:

<META http-equiv=“Content-Script-Type” content=“text/javascript”>

Note that this does not alleviate the need for the type attribute in each <script> tag. You must still specify each <script> tag’s type in order for your documents to validate against HTML 4.01. If your script is encoded in another character set than the rest of the document, you should also use the charset attribute to specify the script’s encoding. This attribute has the same format as the charset attribute for other tags:

charset=“character_encoding_type

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

HTML Topics