index.html

<!doctype html>
<html>
	<head>
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">

		<title>Fundamentals of Web</title>

		<link rel="stylesheet" href="css/reveal.css">
		<link rel="stylesheet" href="css/theme/white.css">
		<link rel="stylesheet" href="lib/css/zenburn.css">

		<script>
			var link = document.createElement( 'link' );
			link.rel = 'stylesheet';
			link.type = 'text/css';
			link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css';
			document.getElementsByTagName( 'head' )[0].appendChild( link );
		</script>
		<style>
			img { border:none;}
			div {
			    text-align: left;
			}

			.reveal section img {
 				border:none; 
 				box-shadow: none; 
 				background: #fff; 
 			}

 			.reveal pre code
 			{
 				max-height: 600px;
 			}
		</style>
	</head>
	<body>
		<div class="reveal">
			<div class="slides">
				<section>
					<h3>Fundamentals of Web</h3>
				</section>

				<section>
					<h3>Content</h3>
					<div style="font-size: 24px;">
						<a href="#/2">HTTP Overview</a><br />
						<a href="#/3">Basic HTTP Concepts</a> <br />
						<a href="#/4">HTTP Connections </a><br />
						<a href="#/5">State<br />
						<a href="#/6">Other HTTP Concepts</a><br />
						<a href="#/7">Problems with HTTP/1.1</a><br />
						<a href="#/8">HTTP/2.0</a><br />
						<a href="#/9">HTTP Security</a><br />
						<a href="#/10">Performance Optimization</a><br />
						<a href="#/11">How browser works</a></a> <br />
						<a href="#/12">Application Servers and OS</a> <br />
						<a href="#/13">Common Web App Problems</a> <br />
						<a href="#/14">Web apps vs desktop apps</a> <br />
					</div>
				</section>

				<section>
					<section>
						<h3>HTTP Overview</h3>
					</section>

					<section>
						<div>
							Hyper text transfer protocol (HTTP) is the most adopted application protocol used today. It is the common language between clients and servers, enabling the modern web.
						</div>
					</section>

					<section>
						<h3>HTTP vs WWW</h3>
					</section>

					<section>
						<div>
							HTTP is the protocol. WWW (world wide web) is the concept that uses web pages. WWW uses HTTP to serve web pages. 
						</div>
					</section>

					<section>
						<h3>Brief history of HTTP</h3>
					</section>

					<section>
						<div>
							Initial specs of HTTP was very simple.
							<img data-src="images/originalhttp.png" />
						</div>
					</section>

					<section>
						<h3>HTTP 0.9: One line protocol</h3>
						<div>
							HTTP/0.9 was <a href="https://www.ietf.org/rfc/rfc1945.txt">released</a> in 1991 by Tim Barnes Lee. <br />
							It was a text based request, response protocol. <br />
							Only HTML was supported.<br />
							After each request, connection was terminated. <br />
						</div>
					</section>

					<section>
						<h3>HTTP 0.9</h3>
						<img data-src="images/http09.PNG" />
					</section>

					<section>
						<h3>HTTP/1.0 : Rapid growth</h3>
						<div>
							Later on, HTTP/0.9 was <a href="https://tools.ietf.org/html/rfc1945">extended</a> to HTTP/1.0, request and response headers, images, text files, CSS were added. Every connection required a 3 way handshake which was very wasteful. 
						</div>
					</section>

					<section>
						<h3>HTTP 1.0</h3>
						<img data-src="images/http10.PNG" />
					</section>

					<section>
						<h3>HTTP/1.1 : Internet Standard</h3>
						<div>
							In 1999, HTTP/1.1 was <a href="https://www.w3.org/Protocols/rfc2616/rfc2616.html">released</a>.<br /> 
							Persistent connections, and host headers were added. 
							<br />
							With host headers, it was possible to host multiple sites for an IP. It was a breakthrough. <br />
						</div>
					</section>

					<section>
						<h3>HTTP/1.1</h3>
						<img data-src="images/persistentconnections.png">
					</section>

					<section>
						<h3>HTTP/2.0 : Improving Transport Performance</h3>
						<div>
							It was 2015 when HTTP/2 <a href="https://tools.ietf.org/html/rfc7540">released</a> with several enhancements to prior versions, mostly targeting performance and common HTTP/1.1 problems.  
						</div>
					</section>

				</section>

				<section>

					<section>
						<h3>Basic HTTP Concepts</h3>
					</section>

					<section>
						<h3>Request/Response Model</h3>
						<div>
							Client communicates with the server using messages (request and response message).<br />
							Request/Response pair is also called an HTTP transaction.
						</div>

						<img src="images/request_response.png" />
					</section>

					<section>
						<h3>URLs</h3>
						<div>Uniform Resource Locators (URLs) are used in the request message for communication.</div>

						<img src="images/http1-url-structure.png" />
					</section>
					
					<section>
						<h3>Verbs</h3>
						<div>HTTP verbs are used to take an action on specific resource(s).<br />
						GET, POST, PUT, DELETE, PATCH, HEAD are some of them. 
						</div>
					</section>

					<section>
						<h3>GET vs POST</h3>
						<div>
							<ul>
								<li>GET can be cached and bookmarked</li>
								<li>Get is visible to eye, but POST is not.</li>
								<li>GET has length limitations. Post does not have any length limitations.</li>
								<li>GET is idempotent and safe.</li>
								<li>POST is not idempotent and not safe.</li>
							</ul>
						</div>	
					</section>

					<section>
						<h3>HTTP Status Codes</h3>

						<ul>
							<li>1xx : Informational</li>
							<li>2xx : Successful</li>
							<li>3xx : Redirect</li>
							<li>4xx : Client Error</li>
							<li>5xx : Server Error</li>
						</ul>
					</section>

					<section>
						<div>
							<ul>
								<li>100 : Continue</li>
								<li>200 : OK</li>
								<li>201 : Created</li>
								<li>301 : Moved Permanently</li>
								<li>304 : Not Modified</li>
								<li>307 : Temporary Redirect</li>
								<li>400 : Bad Request</li>
								<li>401 : Unauthorised</li>
								<li>403 : Forbidden</li>
								<li>404 : Not found</li>
								<li>500 : Internal server error</li>
								<li>503 : Service unavailable</li>
							</ul>
						</div>
					</section>

					<section>
						<h3>Request/Response format</h3>
					</section>

					<section>
						<h3>Request Format</h3>

						<div>
							[Method] [URL] [Version] <br />
							[Headers] <br />
							[Body]
						</div>

						<pre><code class="hljs">
GET /articles/http-overview HTTP/1.1
Host: www.firat.com
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
						</code></pre>
					</section>

					<section>
						<h3>Response Format</h3>
						<div>
							[Version] [Status] [Reason] <br />
							[Headers] <br />
							[Body]
						</div>
						<pre><code class="hljs">HTTP/1.1 200 OK
Date: Mon, 01 Apr 2019 20:54:26 GMT
Server: Apache/1.3.6 (Unix)
Last-Modified: Mon, 01 Apr 2019 14:06:11 GMT
ETag: "2f5cd-964-381e1bd6"
Accept-Ranges: bytes
Content-length: 327
Connection: close
Content-type: text/html
.... Content here ....</code></pre>
					</section> 

					<section>
						<h3>Content/Mime Types</h3>
						<div>
							Various content types are supported by HTTP. A media type (also known as a Multipurpose Internet Mail Extensions or MIME type) is a standard that indicates the nature and format of a document. <br />
							They are structured in `type/subtype` format such as: application/json, text/html etc.
						</div>
					</section> 

					<section>
						<h3>Content Negotiation</h3>
						<div>
							Content negotiation makes it possible to serve different representation of a document from the same URI, so that user agents can specify which version fits their capabilities the best.
						</div>
					</section>

					<section>
						<h3>Headers</h3>
						<div>
							<strong>General Headers :</strong> date, connection etc. Used by both clients and server.<br/>
							<strong>Request Headers :</strong> Used by client to indicate client configuration.<br/>
							<strong>Response Headers :</strong> used by servers to describe server configuration and URL's information.<br/>
							<strong>Entity Headers :</strong> Used by servers to describe entities, resources. <br/>
						</div>
					</section>

					<section>
						<h3>Request Headers</h3>
						<img src="images/httpheaders.png">
					</section>

					<section>
						<h3>Response Headers</h3>
						<img src="images/httpresponseheaders.png" />
					</section>

					<section>
						<h3>HTTP Compression</h3>

						<div>
							Compression helps reduce bandwidth usage and transfer size/speed.<br/>
							HTTP compression is enabled on server side and client should support it.<br/>
						</div>
					</section>

					<section>
						<h3>Compression Headers</h3>
						<div>
							Request-Header : Accept-Encoding: gzip, deflate <br/>
							Response-Header : Content-Encoding: gzip, deflate <br />
							Other compression types : ie brotli, protobuf is available.
						</div>
					</section>

					<section>
						<h3>HTTP Caching</h3>
						<div>
							Time based caching <br />
							Content based caching <br />
							Request/Response Caching.
						</div>
					</section>

					<section> 
						<div>
							<pre><code>
Last-Modified: Mon, 01 Jan 2018 17:55:15 GMT
Expires: Sat 22 Jan 2029 12:00:00 GMT
Cache-Control: max-age=315360000
							</code></pre>

							<pre><code>
Last-Modified: Mon, 01 Jan 2018 17:55:15 GMT
Etag: "8e5bcd-59f-segedbht"
							</code></pre>

							<pre><code>
#Request
if-modified-since: Wed, 01 Jan 2017 17:33:12 GMT
#Response
HTTP/1.1 304 Not Modified 
Expires: Sat, 11 April 2018 17:33.12
							</code></pre>
						</div>
					</section>

					<section>
						<strong>Cache Modes</strong>
						<div>
							Private: within a browser URLs, browsing history and web content. Generally small and specific to a user.<br />
							Public: Can be cached in down streams such as proxies, CDN etc. 
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>HTTP Connections</h3>
					</section>

					<section>
						<div>
							The internet consists of 5 layers of OSI model. <br />
							Everything runs on transport layer which for HTTP is TCP.
						</div>
					</section>

					<section>
						<img src="images/httpconnections.png" />
					</section>

					<section>
						<div>
							Prior to HTTP/1.1 for every request there was a connection setup and tear down (<strong>Short lived Connections</strong>). With HTTP/1.1 persistent connections and connection pipelining was developed. 
						</div>
					</section>

					<section>
						<div>
							The <strong>TCP handshake</strong> itself is time consuming.
						</div>
						<img src="images/3wayhandshake.PNG" />
					</section>

					<section>
						<div>
							The <strong>persistent-connection (keep-alive)</strong> model keeps connections open between successive requests, reducing the time needed to open new connections and thus saving resources. HTTP pipelining goes one step further and sends multiple requests without waiting for a response. Idle connections are closed after a while because they consume resources on the server. 
						</div>
					</section>

					<section>
						<img src="images/connections.png" />
					</section>

					<section>
						<img src="images/singleconnection.PNG" />
					</section>

					<section>
						<div>
							A packet or <a href="https://en.wikipedia.org/wiki/Transmission_Control_Protocol">TCP</a> packet in specific, is series of bytes, encapsulated in a format or data structure called <a href="https://en.wikipedia.org/wiki/Frame_(networking)">frame</a>. Frames contain several information such as how long the packet is, how it should be delivered, where it is coming from and going to. <strong>A packet's payload can effectively contain 1460 bytes at most</strong>.
						</div>
					</section>

					<section>
						<img src="images/tcppackages.PNG" />
					</section>

					<section>
						<div>
							 Slow start is used to detect the current state of the network. If there is a congestion in the network, new connections shouldn't make it worse. Slow start allows the sender to send additional unacknowledged packet for every acknowledged packet it receives.  This means that after initial connection, and one acknowledged packet, sender sends two, after getting acknowledgement for two packets, sender can send four and so on. 
						</div>
					</section>

					<section>
						<div>
							 This geometric growth soon reaches an upper limit defined in the protocol at which point the connection will enter what is called the <strong>congestion avoidance phase</strong>.
						</div>
					</section>

					<section>
						<div>
							It usually takes a few round trips to get the optimal congestion window size which are very precious to determine the performance. Usually operating systems start with 4 packets which makes 5840 bytes for initial congestion window size.
						</div>
					</section>

					<section>
						<div>
							Browsers commonly opens up six connections to a particular host. Congestion window needs to occur six times in parallel. TCP will make sure that those connections play nicely together, but it does not guarantee that their performance will be optimal.
						</div>
					</section>

					<section> 
						<div>
							TCP Provides reliability and ordering. <br />
							Avoid congestion with flow control. 
						</div>
					</section>

					<section>
						<h3>SSL/TLS Handshake</h3>
					</section>

					<section>
						<img src="images/ssl.gif" />
					</section>

					<section>
						<div>
							<ul>
							 	<li>The client issues a secure session request.</li>
							 	<li>Server sends back x.509 certificate containing server's public key.</li>
							 	<li>Client authenticates server's certificate against list of known <a href="https://en.wikipedia.org/wiki/Certificate_authority">CAs (Certificate Authority)</a>. If the certificate is not in the list, user is prompt to accept the certificate.</li>
							 	<li>Client generates random symmetric key and encrypts it using server's public key.</li>
							 	<li>Client and user now both have the symmetric key. Client send data using this symmetric key to the server during the session.</li>
							</ul>
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>State</h3>
					</section>

					<section>
						<div>
							By default HTTP is stateless, session ,cookies and some browser support enables storing state.
						</div>
					</section>

					<section>
						<h3>Cookies</h3>
						<div>Cookies are small piece of data (in the shape of key value pairs) stored on the browser and sent to server via request headers per each request. In HTTP/1.1 Headers are not compressed so keeping cookies small is important.</div>
					</section>

					<section>
						<h3>Web/HTTP Session</h3>
						<div>
							Web/HTTP session is created in server and identified by a unique key (session id). Session is a data storage (hash table/dictionary) that contains data in key/value pair. 
						</div>
					</section>

					<section> 
						<div>
							User session contains information about user across multiple HTTP requests.Session ID can be stored in cookies or URL.
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>Other HTTP Concepts</h3>
					</section>

					<section>
						<h3>Latency</h3>
						<div>
							How long it takes for an IP packet to get from one location to another. Round trip time (RTT) is twice the latency. Latency is the major bottleneck for HTTP which uses many round trips to the server. It is limited by the speed of light.
						</div>
					</section>

					<section>
						<img src="images/latency.png" />
					</section>

					<section>
						<h3>Bandwidth</h3>
						<div>
							Connection between two locations, can handle only so much data at a time before it is saturated. Bandwidth can be bottleneck depending on the amount of data and the capacity of the connection.
						</div>
					</section>

					<section>
						<img src="images/bandwidthlatency.PNG">
					</section>

					<section>
						<h3>Connection Time</h3>
						<div>
							Establishing a connection requires a Round trip between the client and the server called the "Three Way Handshake." This handshake time is generally related to the latency between the client and the server.
						</div>
					</section>

					<section>
						<h3>TLS negotiation time</h3>
						<div>
							If the client is making an HTTPS connection, it needs to negotiate Transport Layer Security (TLS) the successor to Secure Socket Layer (SSL). This involves more round trips on top of server and client processing time.
						</div>
					</section>

					<section>
						<h3>TTFB – Time to first byte</h3>
						<div>
							 Time to first byte is the time passed from a client request to start receiving the response from the server. It is the sum of DNS lookup, Connection setup, TLS handshake.
						</div>
					</section>

					<section>
						<h3>TTLB - Time to last byte</h3>
						<div>
							<strong>Content Download time, time to last byte or TTLB:</strong> This is the time for all the content to complete downloading to client.
						</div>
					</section>

					<section>
						<h3>Start Render Time</h3>
						<div>
							This is the time when user start seeing something on the browser, or browser starts paint process.
						</div>
					</section>

					<section>
						<h3>Document Complete, Page Load Time</h3>
						<div>
							 This is the duration which is considered client completely downloaded the page and rendered it.
						</div>
					</section>

					<section>
						<h3>DNS lookup</h3>
						<div>
							Before a client can fetch a web page it needs to translate the hostname to an IP address using the Domain Name System (DNS). This needs to happen for every unique hostname on the fetched HTML page as well, this information can be cached.
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>Problems with HTTP/1.1</h3>
					</section>

					<section>
						<div>
							<ul>
							 	<li>It wasn’t designed for todays apps</li>
							 	<li>Requires multiple connections</li>
							 	<li>Lack of prioritization</li>
							 	<li>Verbose headers</li>
							 	<li>Head of line blocking</li>
							</ul>
						</div>
					</section>

					<section>
						<h3>Multiple Connections</h3>

						<div>
							When the app requires 50+ HTTP requests, there is a limit to the number of connections a browser can open per host, most browsers support 6 connections simultaneously.
						</div>
					</section>

					<section>
						<h3>Lack of prioritization</h3>
						<div>
							Priority is decided by browser. Not be developer or the application. There is no way to specify the order or responses. Browsers need to decide how to best use the connections and the order of resources.
						</div>
					</section>

					<section>
						<h3>Verbose Headers</h3>
						<div>
							There is no header compression. Headers, cookies send to the server for every request which is inefficient especially for very high volume sites.
						</div>
					</section>

					<section>
						<h3>Head of line blocking</h3>
						<div>
							Once the connection is created, it is dedicated for specific request, until the response comes back, it cannot be used. ie: If you need to get 30 resources from host, you can get 6 at a time. Once you request 6 resources, the others must wait for these 6 requests to finish.
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>HTTP/2.0</h3>
						<div>
							<a href="https://http2.github.io/http2-spec/" target="firat">Specs</a>

							<br />
							<a href="https://imagekit.io/demo/http2-vs-http1">
								Performance difference
							</a>
						</div>
					</section>

					<section>
						<div>
							<h3>Goals of HTTP/2.0</h3>
							<ul>
							 	<li>Minimize impact of Latency</li>
							 	<li>Avoid head of line blocking</li>
							 	<li>Single connection per host</li>
							 	<li>Backwards compatible</li>
							 	<li>Fall back to HTTP/1.1</li>
							</ul>
						</div>
					</section>

					<section>
						<div>
							<h3>Major Features</h3>
							<ul>
								<li>Binary framing and streams</li>
								<li>Multiple requests over Single connection.</li>
								<li><a href="https://http2.github.io/http2-spec/compression.html">HPack</a>/Header Compression</li>
								<li>No more 3way handshake</li>
							</ul>
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>HTTP Security</h3>
					</section>

					<section>
						<h3>Redirect Validation</h3>
						<div>
							Unvalidated redirects and forwards can send users to attacker's site. <br />
							HTTP redirects with 3xx (except 304 , not modified).Redirects to relative URIs can be allowed, as well as redirects to the same site.
						</div>
					</section>

					<section>
						<h3>CSP (Content Security Policy)</h3>
						<div>
							Code from https://mybank.com should only have access to https://mybank.com’s data, and https://evil.example.com should certainly never be allowed access. <br /> 
							Content-Security-Policy (CSP) provides a safety net for injection attacks by specifying a whitelist from where various content in a webpage can be loaded from.
						</div>
					</section>

					<section>
						<h3>Upgrade insecure requests</h3>
						<div>
							Upgrades all requests triggered by a page from HTTP to HTTPS. If there is a none secure resource on a page, it will be upgraded to a secure version.
						</div>
					</section>

					<section>
						<h3>HSTS : Strict Transport Security</h3>
						<div>
							HSTS tell browser 2 things: <br />
							1. Load all content from your domain over HTTPS. <br />
							2. Refuses to connect in case of certificate errors and warnings
						</div>
					</section>

					<section>
						<h3>X-Frame Options</h3>
						<div>
							Tells the browser if `iframe, frame, embed or object` can be used in a page or not. If so how to use it. Avoid clickjackig attacks.
						</div>
					</section>

					<section>
						<h3>X-Download-Options</h3>
						<div>
							Disables to option to open a file directly on download.
						</div>
					</section>

					<section>
						<h3>X-XSS-Protection</h3>
						<div>
							If browser detects an XSS attack, it will modify the page to block the attack.
						</div>
					</section>

					<section>
						<h3>X-Content-Type-Options</h3>
						<div>
							Browser does not allow modification of Content/Mime type.
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>Performance Optimization</h3>
					</section>

					<section>
						<div>
							<ul>
								<li>Reducing number of HTTP requests</li>
								<li>Client side caching</li>
								<li>Domain sharding</li>
								<li>Bundling and minification</li>
								<li>DNS prefetch/resource hints</li>
								<li>Preconnect/Prerender</li>
								<li>Image Striping</li>
								<li>And much more.</li>
							</ul>
						</div>
					</section>

					<section>
						<h3>Reducing number of HTTP requests</h3>
						<div>
							This is the most important in performance. The more HTTP requests, the slower you page is. 
						</div>
					</section>

					<section>
						<h3>Client Side Caching</h3>
						<div>
							Nothing is faster than serving resources from the client's machine. No network resources will be used.
							<br />
							Client side caching TTL can be set through the HTTP header <strong>"cache control"</strong> and the key <strong>"max-age" (in seconds)</strong>, or the <strong>“expires”</strong> header.
							<br />
							Static content like images, JS, CSS and other files can be versioned. Once the version changes, client makes a request to get the newer version from the server.
							<br />
							https://foo.com/styles.css?<strong>v=342</strong>
						</div>
					</section>

					<section>
						<h3>Domain Sharding</h3>
						<div> 
							<ul>
								<li>Requests more resources.</li>
								<li>Requires more DNS lookups.</li>
							</ul>
						</div>
					</section>

					<section>
						<h3>Bundling and minification</h3>
						<div>
							Bundling and minification is good for reducing HTTP requests, which will have positive impact on the performance. <br />
							CSS and JS can benefit from bundling and minification. Also, you can minify HTML content.
						</div>
					</section>

					<section>
						<h3>DNS prefetch/resource hints</h3>
						<div>
							Typically DNS is queried once the browser completes rendering HTML.<br />

							DNS prefetch and resourse hints tell the browser to resolve DNS to HTML rendering. <br />
						</div>
					</section>

					<section>
						<h3>Preconnect / Prerender</h3>
						<div>
							These techniques allow browsers to connect and begin rendering as early as possible.
						</div>
					</section>

					<section>
						<h3>Using Stripes for images</h3>
						<img src="images/sprite-sheet.png" />
					</section>

					<section>
						<h3>Performance evaluation</h3>
					</section>

					<section>
						<div>
							<ul>
							 	<li>Latency Test - Measures end to end transaction time.</li>
							 	<li>Throughput Test - Measures number of concurrent transactions a system can handle.</li>
							 	<li>Load Test - a boolean test, if the system can handle the load or not.</li>
							 	<li>Stress Test - Finds out the breaking point of a system.</li>
							</ul>
						</div>
					</section>

					<section>
						<div>
							<ul>
							 	<li>Endurance Test - Measures if there are any anomalies during tests.</li>
							 	<li>Capacity Test - Made to find out whether the system performs as expected based on capacity planning and provisioning.</li>
							 	<li>Degradation Test - Made to find out when the system performance degrades.</li>
							</ul>
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>How browsers work</h3>
					</section>

					<section>
						<img src="images/browserlayers.png" />
					</section>

					<section>
						<h3>The user interface</h3>
						<div>
							This includes the address bar, back/forward button, bookmarking menu, etc. Every part of the browser display except the window where you see the requested page.
						</div>
					</section>

					<section>
						<h3>The browser engine</h3>
						<div>
							Marshals actions between the UI and the rendering engine.
						</div>
					</section>

					<section>
						<h3>The rendering engine</h3>
						<div>
							 Responsible for displaying requested content. For example if the requested content is HTML, the rendering engine parses HTML and CSS, and displays the parsed content on the screen.
						</div>
					</section>

					<section>
						<h3>Networking</h3>
						<div>
							For network calls such as HTTP requests, using different implementations for different platform behind a platform-independent interface.
						</div>
					</section>

					<section>
						<h3>UI backend</h3>
						<div>
							Used for drawing basic widgets like combo boxes and windows. This backend exposes a generic interface that is not platform specific. Underneath it uses operating system user interface methods.
						</div>
					</section>

					<section>
						<h3>JavaScript interpreter</h3>
						<div>
							Used to parse and execute JavaScript code.
						</div>
					</section>

					<section>
						<h3>Data storage</h3>
						<div>
							This is a persistence layer. The browser may need to save all sorts of data locally, such as cookies. Browsers also support storage mechanisms such as localStorage, IndexedDB, WebSQL and FileSystem.
						</div>
					</section>

					<section>
						<h3>Critical Rendering Path</h3>
						<div>
							DOM (Document object model) is the object representation of the page.<br />
							CSSOM (CSS Object Model) is the object representation of the styles associated with DOM.<br />
						</div>
					</section>

					<section>
						<div>
							<ol>
								<li>Constructing the DOM Tree</li>
								<li>Constructing the CSSOM Tree</li>
								<li>Running JavaScript</li>
								<li>Creating the Render Tree</li>
								<li>Generating the Layout</li>
								<li>Painting</li>
							</ol>
						</div>
					</section>

					<section>
						<img src="images/crp.png" />
					</section>

					<section>
						<pre><code class="hljs markdown">&lt;html&gt;
&lt;head&gt;
  <title>Understanding the Critical Rendering Path</title>
  &lt;style&gt;
    body { font-size: 18px; }

	header { color: plum; }
	h1 { font-size: 28px; }

	main { color: firebrick; }
	h2 { font-size: 20px; }

	footer { display: none; }
  &lt;/style&gt;
&lt;/head&gt;
&lt;body&gt;
  <header>
      <h1>Understanding the Critical Rendering Path</h1>
  </header>
  <main>
      <h2>Introduction</h2>
      <p>Lorem ipsum dolor sit amet</p>
  </main>
  <footer>
      <small>Copyright 2019</small>
  </footer>
&lt;/body&gt;
&lt;/html&gt;</code></pre>
					</section>

					<section>
						<img src="images/CSSOM.png" />
					</section>

					<section>
						<img src="images/timeline.png" />
					</section>

					<section>
						<div>
							CSS is render blocking resource, both blocks the page rendering and javascript execution. <br />
							JavaScript is parser blocking resource, which means parsing of HTML is blocked by JavaScript. <br />
							When the parser reaches a Script tag, it stops, fetches the JavaScript and runs it. <br />
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>Application Servers and OS</h3>
					</section>

					<section>
						<div>
							There are multiple models such as Threading model, Event loop and hybrids. <br />
							Traditional model is with thread and tasks. With NodeJS event loop was developed that ran single threaded with non blocking IO. NodeJs is good for IO bound applications. 
						</div>
					</section>

					<section>
						<img src="images/eventloop_threadpool.png" />
					</section>

					<section>
						<dir>
							Memory management and Garbage collection is used to alloc and free memory. Each process has a private memory space. Garbage collector asks OS for memory and manages it. aka Managed heap. Deals with collection garbage. Mark, sweep and compact. There may be multiple heaps. 
						</dir>
					</section>

					<section>
						<img src="images/gc.png" />
					</section>
				</section>

				<section>
					<section>
						<h3>Common Problems with Web Applications</h3>
					</section>

					<section>
						<div>
							<strong>#1: Big systems fail more often than small systems.</strong> Big systems have more external and internal dependencies along with many moving parts. Therefore, big systems should have many defensive mechanisms in place.
						</div>
					</section>

					<section>
						<div>
							<strong>#2: Blocked threads are the number one cause of most failures.</strong>Slow applications and hung threads are the most popular reasons of failures. These reasons lead to cascading failures and chain reactions. Blocked/hung threads can happen due to several reasons like deadlocks, starvation and live locks. Hung thread detection policies, timeouts, circuit breakers and bulkheads can prevent these failures.
						</div>
					</section>

					<section>
						<div>
							<strong>#3: Integration points are number one killer in any system.</strong>. Every integration point eventually fails, however a failure in the integration point shouldn’t take down the whole application. Cascading failures occur when problems in one integration point propagates. Failures in integrated services becomes your problem. It even become more serious if you are not prepared for it.
						</div>
					</section>

					<section>
						<div>
							<strong>#4: Tight coupled systems fail more often than loose coupled systems.</strong> Decoupling middleware is a good practice to enable loose coupling for integration. This principle is applicable and best practice for cloud native applications.
						</div>
					</section>
					
					<section>
						<div>
							<strong>#5: High traffic site's Resource/Connections pools get drained very quickly.</strong> Resource/Connection pool have limitations. They can run out of resources rapidly and application performance will start degrading.
						</div>
					</section>

					<section>
						<div>
							<strong>#6: Unbalanced capacities causes failures and scalability problems for applications.</strong>If the capacities are not aligned, then you have a problem. Capacity and sizing should be planned accordingly.
						</div>
					</section>
					
					<section>
						<div>
							<strong>#7: Never trust a system you have no control over.</strong> The downstream application which is running a blocking code, can take your application down.
						</div>
					</section>

					<section>
						<div>
							<strong>#8: Slow applications gets more traffic.</strong>
							When an application is slow, users hit re-load button or F5 many times to reach to the application which causes more traffic.
						</div>
					</section>
					
					<section>
						<div>
							<strong>#9: Fail fast all the time and retry gradually.</strong>
							Exponential back off, Circuit breakers and timeouts should be embraced. User friendly error codes or default messages should be presented to the user until the stability is established.
						</div>
					</section>

					<section>
						<div>
							<strong>#10: Appreciate your hardware resources and utilize them wisely.</strong>.
							Don't fall for CPU and Memory is CHEAP. This is not TRUE. Long running CPU cycles can cause contention which slows down your application and eventually it will fail. Paged or unfragmented memory causes slow seek times.
						</div>
					</section>
				</section>

				<section>
					<section>
						<h3>Web Apps vs Desktop Apps</h3>
					</section>

					<section>
						<div>
							Web applications does not require deployment for each client machine.<br />
							Does not require version check in client machine.<br />
							Updates are easier.<br />
							Bug fixes are easier.<br />
							No administrator rights checking.<br />
							Can access from anywhere.<br />
							Platform independent.<br />
							Support and maintenance are easier.<br />
							Adaptability in mobile applications.<br />
							Development is easy <br />
							Large community support <br />
						</div>
					</section>
				</section>

				<section>
					<h5>Thank you!</h5>
				</section>
			</div>
		</div>

		<script src="lib/js/head.min.js"></script>
		<script src="js/reveal.js"></script>

		<script>
			// More info about config & dependencies:
			// - https://github.com/hakimel/reveal.js#configuration
			// - https://github.com/hakimel/reveal.js#dependencies
			Reveal.initialize({
				dependencies: [
					{ src: 'plugin/markdown/marked.js' },
					{ src: 'plugin/markdown/markdown.js' },
					{ src: 'plugin/notes/notes.js', async: true },
					{ src: 'plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
				]
			});
		</script>
	</body>
</html>