NULL and Undefined
In JavaScript, undefined
means a variable has been declared but has not yet been assigned a value, such
as:
var TestVar;
alert(TestVar); //shows
undefined
alert(typeof TestVar); //shows undefined
null is an assignment
value. It can be assigned to a variable as a representation of no value:
var TestVar = null;
alert(TestVar); //shows
null
alert(typeof TestVar); //shows object
== and ===
=== and !== are strict comparison operators:
JavaScript has both
strict and type-converting equality comparison. For strict equality the objects
being compared must have the same type and:
·
Two strings are strictly
equal when they have the same sequence of characters, same length, and same
characters in corresponding positions.
·
Two numbers are strictly
equal when they are numerically equal (have the same number value). NaN is not
equal to anything, including NaN. Positive and negative zeros are equal to one
another.
·
Two Boolean operands are
strictly equal if both are true or both are false.
·
Two objects are strictly
equal if they refer to the same Object.
·
Null and Undefined types
are == (but not ===). [I.e. Null==Undefined (but not Null===Undefined)]
<script type="text/javascript"
language="javascript">
function
test() {
var
a;
alert(a);
var
b = null
alert(b);
if
(a == b) {
alert('==');
}
if
(a === b) {
alert('===');
}
}
</script>
Here
are some major differences between HTTP and HTTPS:
|
HTTP
|
HTTPS
|
|
URL begins with “http://”
|
URL begins with “https://”
|
|
It uses port 80 for communication
|
It uses port 443 for communication
|
|
Unsecured
|
Secured
|
|
Operates at Application Layer
|
Operates at Transport Layer
|
|
No encryption
|
Encryption is present
|
|
No certificates required
|
Certificates required
|
HTTP vs HTTPS: Similarities and Differences
What is HTTPS?
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or
HTTP over SSL) is a web protocol developed by Netscape.
One can say: HTTPS = HTTP + SSL
HTTPS uses Secure Socket Layer (SSL) as a sublayer under its
regular HTTP application layering.
Need of HTTPS:
Hypertext Transfer Protocol (HTTP) is a protocol for
transmitting and receiving information across the Internet. HTTP serves as a
request and response procedure that all agents on the Internet follow so that
information can be rapidly, easily, and accurately disseminated between
servers, which hold information, and clients, who are trying to access it. You
normally use HTTP when you are browsing the web, its not secure, so someone can
eavesdrop on the conversation between your computer and the web server. In many
cases, clients may be exchanging confidential information with a server, which
needs to be secured in order to prevent unauthorized access. For this reason,
https, or secure http, was developed by Netscape corporation to allow
authorization and secured transactions.
Similarity between HTTP and HTTPS:
In many ways, https is identical to http, because it follows the
same basic protocols. The http or https client, such as a Web browser, establishes
a connection to a server on a standard port. When a server receives a request,
it returns a status and a message, which may contain the requested information
or indicate an error if part of the process malfunctioned. Both systems use the
same Uniform Resource Identifier (URI) scheme, so that resources can be
universally identified. Use of https in a URI scheme rather than http indicates
that an encrypted connection is desired.
Difference between HTTP and HTTPS:
1. URL begins with “http://" in case of HTTP while the URL
begins with “https://” in case of HTTPS.
2. HTTP is unsecured while HTTPS is secured.
3. HTTP uses port 80 for communication while HTTPS uses port 443 for communication.
4. HTTP operates at Application Layer while HTTPS operates at Transport Layer.
5. No encryption is there in HTTP while HTTPS uses encryption.
6. No certificates required in HTTP while certificates required in HTTPS.
2. HTTP is unsecured while HTTPS is secured.
3. HTTP uses port 80 for communication while HTTPS uses port 443 for communication.
4. HTTP operates at Application Layer while HTTPS operates at Transport Layer.
5. No encryption is there in HTTP while HTTPS uses encryption.
6. No certificates required in HTTP while certificates required in HTTPS.
How HTTPS works?
For HTTPS connection, public key and signed certificates are
required for the server.
When using an https connection, the server responds to the
initial connection by offering a list of encryption methods it supports. In
response, the client selects a connection method, and the client and server
exchange certificates to authenticate their identities. After this is done,
both parties exchange the encrypted information after ensuring that both are
using the same key, and the connection is closed. In order to host https
connections, a server must have a public key certificate, which embeds key information
with a verification of the key owner's identity. Most certificates are verified
by a third party so that clients are assured that the key is secure.
In other words, we can say, HTTPS works similar to HTTP but SSL
adds some spice in it.
HTTP includes the following actions:
1. The browser opens a TCP connection.
2. The browser sends a HTTP request to the server
3. The server sends a HTTP response to the browser. 4. The TCP connection is closed.
2. The browser sends a HTTP request to the server
3. The server sends a HTTP response to the browser. 4. The TCP connection is closed.
SSL will include the following actions:
1. Authenticate the server to the client.
2. Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support.
3. Optionally authenticate the client to the server.
4. Use public-key encryption techniques to generate shared secrets.
5. Establish an encrypted SSL connection.
2. Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support.
3. Optionally authenticate the client to the server.
4. Use public-key encryption techniques to generate shared secrets.
5. Establish an encrypted SSL connection.
6. Once the SSL connection is established the usual transfer of
HTTP requests will continue.
Where should https be used?
HTTPS should be used in Banking Websites, Payment Gateway,
Shopping Websites, Login Pages, Emails (Gmail offers HTTPS by default in Chrome
browser) and Corporate Sector Websites. For example:
Beware of using Credit Card Numbers on
Internet: If a website
ever asks you to enter your credit card information, you should automatically
look to see if the web address begins with https://. If it doesn't, there's no
way you're going to enter sensitive information like a credit card number!
Browser integration
Most browsers display a warning if they receive an invalid
certificate. Older browsers, when connecting to a site with an invalid
certificate, would present the user with a dialog box asking if they wanted to
continue. Newer browsers display a warning across the entire window. Newer
browsers also prominently display the site's security information in the
address bar. Extended validation certificates turn the address bar green in
newer browsers. Most browsers also display a warning to the user when visiting
a site that contains a mixture of encrypted and unencrypted content.
No comments:
Post a Comment