- You'll also need an editor to modify files. Most computers have a free text editor already - installed, but these are rarely good enough. Use whatever you like, but if you have no - preference, download and install NetBeans. +
+ If the above editors don't work on your system, or you don't get on with them, that's no + problem — there's a substantial + list of editors on Wikipedia.
- One of the other features of this tutorial is that it uses an absolute minimum of additional + One of the other features of this tutorial is that it uses no additional software to get it working. Software projects nearly always make use of libraries, each of which offer some particular pre-written functionality. These are well worth using in proper development, since they are better-tested by more people than an individual can usually achieve on their own. However, for a tutorial I think they can add integration complexity, and explaining the advanced-level code within is usually quite a distraction. Thus, I have eschewed - libraries more than I would normally, and suspect this will be corrected in a second (more - advanced) tutorial. -
-- I have made one exception for this rule, however, for reasons of password security. The login - system requires some cryptographic code, and this sort of thing is quite easy to get wrong. Whilst - this is just a tutorial, if it teaches readers to leave security to the experts (the - library-writers), it has served a valuable purpose. + libraries more than I would normally.
editor, and that you can create folders as required. This might be in the root of your "htdocs"
or "www" folder, depending on what you used to install Apache. You can use a subfolder of "blog"
if you wish, or for more advanced users, feel free to set up a new vhost. So, when I use
- http://localhost/, you can assume I am referring to the root of your project, even
+ http://localhost/, you can assume I am referring to the root of your project, even
if your URL is somewhat different.
@@ -190,15 +245,30 @@
- Then, run this in your browser, by accessing the URL http://localhost/info.php.
+ Then, run this in your browser, by accessing the URL http://localhost/info.php.
You should see a PHP configuration page. If you do, then check you are running a version later
- than 5.4; if it is earlier than this then
+ than 5.5; if it is earlier than this then
you will need to upgrade. If you don't see this screen at all, then check that you have created
the file in the right folder.
+ It is also worth ensuring your PHP installation has the necessary database support. Double-check
+ this by searching the list of modules until you find the two modules highlighted in the
+ screenshot below: PDO and pdo_sqlite.
+ It may help to know that the modules are listed in alphabetical order:
+
+ 
+
- Once you have this working, and showing an acceptable version number, you can delete this file. + Once you have this showing an acceptable version number and the required modules, you + can delete this file.
Here's the first bit of code to add:
@@ -211,7 +281,7 @@
This is the initial file, so all we have to do is copy and paste it in. To do so, create
index.php in the root of your project folder, open it in your
editor, and ensure it is empty before pasting in the code. Then visit
- http://localhost/index.php in your browser, to ensure that you can see the
+ http://localhost/index.php in your browser, to ensure that you can see the
initial mock-up of our blog's home page.
@@ -219,14 +289,15 @@
If you can, then your first piece of coding is done! The language is HTML, which is understood
by your web browser as a way to describe documents on the web. HTML is not actually a
programming language: it is properly referred to as a markup language. The markup itself
- is made up of tags such as <body> and <h1>, each
- of which has an opening tag (without the slash) and a closing tag (with the slash).
+ is made up of tags such as <body> and
+ <h1>, each of which has an opening tag (without the slash)
+ and a closing tag (with the slash).
These
are nested to form a hierarchy in the same way as an ordinary letter is hierarchical: instead of
an envelope containing a document containing headings and paragraphs, we have an
- <html> containing a <body> containing
- <h1> and <p>. Easy peasy!
+ <html> containing a <body> containing
+ <h1> and <p>. Easy peasy!
@@ -234,17 +305,17 @@
What do the tags mean?
- DOCTYPE: this tells the browser to expect a particular dialect of HTML
+ DOCTYPE: this tells the browser to expect a particular dialect of HTML
— in this case HTML5html: this is the "envelope" for the whole document. It acts as a container for
+ html: this is the "envelope" for the whole document. It acts as a container for
everythinghead: this contains stuff about the document, such as the titlebody: unsurprisingly, this contains the main part of the documenth1, h2, h3: title headings of decreasing
+ head: this contains stuff about the document, such as the titlebody: unsurprisingly, this contains the main part of the documenth1, h2, h3: title headings of decreasing
importancep: a paragraph of textdiv: a "division", i.e. a sectiona: a hyperlinkp: a paragraph of textdiv: a "division", i.e. a sectiona: a hyperlink
We'll use a few more as we go on, but those are the main ones.
@@ -275,18 +346,18 @@
Thus, if you wish, you can delete both article blocks and replace them with the new loop block
- (containing the for() through to the endfor). However, the way this was
+ (containing the for() through to the endfor). However, the way this was
actually written was as follows:
- Delete the second article
- - Insert the start of the
for() loop before the first article, on a new line
- - Insert the end of the loop (
endfor) at the end of the first article, on a new
+ - Insert the start of the
for() loop before the first article, on a new line
+ - Insert the end of the loop (
endfor) at the end of the first article, on a new
line
- Indent the contents of the loop (in most editors, you can do this by selecting the article
markup and pressing the Tab key)
- - Finally, the two snippets of PHP to output the
$postId are inserted into the
+ - Finally, the two snippets of PHP to output the
$postId are inserted into the
article
@@ -302,11 +373,11 @@
What are loops?
- The for() and endfor you have seen form a loop block. This is
+ The for() and endfor you have seen form a loop block. This is
a way of telling PHP that you want the enclosed code to be run a number of times. In this
- case, it sets a value to 1, and carries on looping whilst that value is less than or greater
- than 3. For each iteration of the loop, the value is incremented by 1, which is carried out by
- the ++ operator.
+ case, it sets a value to 1, and carries on looping whilst that value is less than or equal
+ to 3. For each iteration of the loop, the value is incremented by 1, which is carried out by
+ the ++ operator.
@@ -353,7 +424,7 @@
<body> and <h1>, each
- of which has an opening tag (without the slash) and a closing tag (with the slash).
+ is made up of tags such as <body> and
+ <h1>, each of which has an opening tag (without the slash)
+ and a closing tag (with the slash).
These
are nested to form a hierarchy in the same way as an ordinary letter is hierarchical: instead of
an envelope containing a document containing headings and paragraphs, we have an
- <html> containing a <body> containing
- <h1> and <p>. Easy peasy!
+ <html> containing a <body> containing
+ <h1> and <p>. Easy peasy!
@@ -234,17 +305,17 @@@@ -353,7 +424,7 @@What do the tags mean?
-
DOCTYPE: this tells the browser to expect a particular dialect of HTML +- -
DOCTYPE: this tells the browser to expect a particular dialect of HTML — in this case HTML5html: this is the "envelope" for the whole document. It acts as a container for +- -
html: this is the "envelope" for the whole document. It acts as a container for everything- -
head: this contains stuff about the document, such as the title- -
body: unsurprisingly, this contains the main part of the documenth1,h2,h3: title headings of decreasing +- +
head: this contains stuff about the document, such as the title- +
body: unsurprisingly, this contains the main part of the document- -
h1,h2,h3: title headings of decreasing importance- -
p: a paragraph of text- -
div: a "division", i.e. a section- +
a: a hyperlink- +
p: a paragraph of text- +
div: a "division", i.e. a sectiona: a hyperlinkWe'll use a few more as we go on, but those are the main ones.
@@ -275,18 +346,18 @@
Thus, if you wish, you can delete both article blocks and replace them with the new loop block - (containing the
for()through to theendfor). However, the way this was + (containing thefor()through to theendfor). However, the way this was actually written was as follows:@@ -302,11 +373,11 @@
- Delete the second article
-- Insert the start of the
-for()loop before the first article, on a new line- Insert the end of the loop (
endfor) at the end of the first article, on a new +- Insert the start of the
+for()loop before the first article, on a new line- Insert the end of the loop (
endfor) at the end of the first article, on a new line- Indent the contents of the loop (in most editors, you can do this by selecting the article markup and pressing the Tab key)
-- Finally, the two snippets of PHP to output the
$postIdare inserted into the +- Finally, the two snippets of PHP to output the
$postIdare inserted into the articleWhat are loops?
- The
for()andendforyou have seen form a loop block. This is + Thefor()andendforyou have seen form a loop block. This is a way of telling PHP that you want the enclosed code to be run a number of times. In this - case, it sets a value to 1, and carries on looping whilst that value is less than or greater - than 3. For each iteration of the loop, the value is incremented by 1, which is carried out by - the++operator. + case, it sets a value to 1, and carries on looping whilst that value is less than or equal + to 3. For each iteration of the loop, the value is incremented by 1, which is carried out by + the++operator.
Broadly, databases are stored in terms of tables, columns and rows. Each
different kind of data we wish to store needs its own table, but to start with, we only have one:
- a post. The CREATE TABLE statement specifies which properties we want a post to have,
+ a post. The CREATE TABLE statement specifies which properties we want a post to have,
namely:
- The column id has two particular features:
+ The column id has two particular features:
-
-
- We declare it as a
PRIMARY KEYin order to mark it as the predominant unique + - We declare it as a
PRIMARY KEYin order to mark it as the predominant unique identifier for the row. This makes it suitable to refer to the row from another table (which we will do later on)
- - We specify the
AUTOINCREMENToption, so unique values are generated for us + - We specify the
AUTOINCREMENToption, so unique values are generated for us by the database server automatically
A blog post is therefore just a row added to the posts table, since each row has space to store
all of these values. Once the table is created, we also create some dummy article data, using
- INSERT. The format of this command, as used in the SQL script, is simply thus:
+ INSERT. The format of this command, as used in the SQL script, is simply thus:
-
+
INSERT INTO table_name (column_1, column_2, ...) VALUES (value_1, value_2, ...);
- The first half of the code is written in PHP. Here, we use a series of if()
- statements to ensure everything goes smoothly. The variable $error is set to an
+ The first half of the code is written in PHP. Here, we use a series of if()
+ statements to ensure everything goes smoothly. The variable $error is set to an
error message if something goes wrong. Here are the steps we take:
accidentally overwrite data.
touch()
+ SQLite will work fine with just an empty file, so we create one with touch()
and report if there was any problems doing that (such as being disallowed by file system
permissions).
file_get_contents() and report an error
+ We then read the SQL script in using file_get_contents() and report an error
if the file cannot be found (this is unlikely, but it is good practice to check
everything that can go wrong!).
$pdo->exec() and report any issues
+ We then try running the SQL commands using $pdo->exec() and report any issues
with that.
- The second half of the file (from <!DOCTYPE html>) presents the results of
+ The second half of the file (from <!DOCTYPE html>) presents the results of
the script, in HTML.
So, if you have not already tried it, visit http://localhost/install.php in your
+
So, if you have not already tried it, visit http://localhost/install.php in your
browser, and make sure some posts are created. If you want to re-run it, delete the data.sqlite
file manually and refresh your browser page.
Using real data
The first few lines determine the file path to the database, and then we create a new PDO object
- with new PDO(), which we can use to access the data. We then use the
- query() method to run a SQL statement that reads articles from the post
+ with new PDO(), which we can use to access the data. We then use the
+ query() method to run a SQL statement that reads articles from the post
table.
What is a SELECT statement?
- The SELECT command is used to read from the database. For a single table, it takes a
+ The SELECT command is used to read from the database. For a single table, it takes a
format like this:
(column names to sort on)
- The WHERE is optional, and is useful if we want to filter on some particular
+ The WHERE is optional, and is useful if we want to filter on some particular
feature of each row.
- So, refresh your browser's view of http://localhost/index.php, and ensure that your
+ So, refresh your browser's view of http://localhost/index.php, and ensure that your
new changes render the posts from the database without errors. I'll then explain what is happening.
After connecting to the database, the query is used to retrieve column values for each table row,
- returning ordering the rows in created_at DESC (i.e. in reverse creation order, or most
- recent first). It then enters a loop (in this case a while()) to render all the posts it
+ returning ordering the rows in created_at DESC (i.e. in reverse creation order, or most
+ recent first). It then enters a loop (in this case a while()) to render all the posts it
finds.
- We use $stmt->fetch() to read the next available row, until the point when there are no
+ We use $stmt->fetch() to read the next available row, until the point when there are no
rows left. When that happens, this method will return false and the loop will exit.
For every row, there are two observations worth making. Firstly, rows are returned in an array, so we
- access them using the array syntax such as $row['title']. Secondly, you'll see that
- where text strings are output, they are wrapped in the htmlspecialchars() function. The
+ access them using the array syntax such as $row['title']. Secondly, you'll see that
+ where text strings are output, they are wrapped in the htmlspecialchars() function. The
reason for this is that, if user input (a blog title or blog post in this case) contains angle brackets,
it could break the HTML used in the page layout, and worse, might let a user inject unauthorised
JavaScript that would be run on other people's computers.
+++ What are the htmlspecialchars() parameters? +
++ The first parameter is, of course, the item of text we wish to safely output. The other + two are: +
+ ++
+ +- +
ENT_HTML5: this tells PHP to understand tags as HTML5, rather than any + other dialect of HTML- +
'UTF-8': this specifies how characters are encoded. UTF-8 is + now the standard approach to encoding text because it supports a large number + of language-specific charactersIt's worth noting that while the default character set for this function is 'UTF-8' + (and so we don't really need to set it), the PHP manual advises that it should be + specified explicitly. +
+
You'll notice that most of the PHP code to deal with the database side of things is in the top half of the file, and the second half is predominantly HTML. This isn't an accident: this arrangement creates @@ -533,22 +627,22 @@
Now, it is our intention to link this page from individual posts on the home page. However, we've
not quite done that bit yet, so let's visit the new page manually, in order to test it. Open a
- new tab, paste the link http://localhost/view-post.php into the address
+ new tab, paste the link http://localhost/view-post.php into the address
bar, and check that a simple post appears.
- The connection to the database is the same as before, but we now have a WHERE clause
- in our SELECT statement, and we are we are now using prepare() and
- execute() to send the statement to the database driver.
+ The connection to the database is the same as before, but we now have a WHERE clause
+ in our SELECT statement, and we are now using prepare() and
+ execute() to send the statement to the database driver.
- Let's take the WHERE statement first. In the home page, we ran a query without
+ Let's take the WHERE statement first. In the home page, we ran a query without
this, because we wanted everything in the table. However it is more often the case that we
want to limit returned rows to those matching one or more conditions. This is where the
- WHERE comes in. For our new page, we only want rows that have a specific id (and
+ WHERE comes in. For our new page, we only want rows that have a specific id (and
since "id" is unique, we know we won't get more than one).
- The other change is swapping out the call to query() with two new methods.
- prepare() is used to set up the statement, and indicates with a colon where values
- should go (i.e. ":id"). The execute() statement then runs the query, swapping
+ The other change is swapping out the call to query() with two new methods.
+ prepare() is used to set up the statement, and indicates with a colon where values
+ should go (i.e. ":id"). The execute() statement then runs the query, swapping
place-holders with real values (in this case, the number 1). This technique is known as
parameterisation, and is a good way to inject user-supplied input in a secure manner
(the post ID is not yet user-supplied, but it soon will be).
@@ -579,7 +673,7 @@
files shows that our blog title and synopsis is repeated in both files. That's not good, since
if these things need to be amended, we need to change them more than once. Happily, the
solution is easy: we create a PHP file for the duplicated snippet, and then use
- require to pull it in.
+ require to pull it in.
@@ -607,7 +701,7 @@
We saw in the common.php library a set of code blocks that
start with the word
- function. These are named blocks of code that can be called from different
+ function. These are named blocks of code that can be called from different
places, and are an essential item in your toolkit. They help reduce duplication (since
you don't need to write code again) and they help improve modularity (since functions
can be stored in separate files).
@@ -617,11 +711,18 @@
The functions we've seen here all provide a return value, which is the result of
the function, and it can be of any type: a number, a string, whatever. This can either be
printed out to the screen, or more frequently, stored in a variable at the place it is
- called. For example, the function getRootPath() gets the full directory
+ called. For example, the function getRootPath() gets the full directory
name of your web project on disk.
+
+ Since the htmlspecialchars() calls have a few parameters we don't want to have to
+ keep typing in, let's also move that to its own function:
+
Adding more features
@@ -658,7 +759,7 @@Adding more features
Since this involves database changes, we'll need to delete our database file, and re-run
the installer. So, delete the file in data/data.sqlite and then
- reinstall by visiting http://localhost/install.php again.
+ reinstall by visiting http://localhost/install.php again.
@@ -671,7 +772,7 @@
Adding more features
Now we're ready to start adding some comment-related changes. To start with, let's add
- a count of comments on the front page. This uses the SQL command COUNT() to count
+ a count of comments on the front page. This uses the SQL command COUNT() to count
the number of rows that would be returned by a query:
Commenting form
addCommentToPost() for validation and saving.$errors array.addCommentToPost() for validation and saving.
+ $errors array.
When we visit a web site normally — such as the home page of our blog, say —
we are in GET mode. This is the state that is suitable for reading things from
- a web server. Some pages containing a <form> also operate in GET mode,
+ a web server. Some pages containing a <form> also operate in GET mode,
such as search forms, since these too are used to read information.
Forms that may result in data being saved, on the other hand, should use POST. You can
see this with the comment form we just installed; have a look for the
- method="post" declaration in the form tag.
+ method="post" declaration in the form tag.
This was one of the reasons behind the earlier change to the installer: before the @@ -866,7 +967,7 @@
- Adding a comment doesn't work yet, as the INSERT command is missing a value for
+ Adding a comment doesn't work yet, as the INSERT command is missing a value for
the date of comment creation. Let's fix that now:
Thus, we now set empty values for the GET case (no form submission) in
view-post.php as well as
the already existing POST case. Where we output the user-supplied data, we pass it through
- the PHP function htmlspecialchars(), which prevents any rendering problems if the
- user has used any HTML characters such as angle brackets.
+ the PHP function htmlspecialchars() via our custom function htmlEscape(),
+ which prevents any rendering problems if the user has used any HTML characters such as angle
+ brackets.
@@ -965,8 +1067,8 @@ Adding a login system
There are two fields in the new user table that I added based on my experience rather than an
- immediate need. These are created_at, which holds the date and time when the user
- was first set up, and is_enabled, which allows us to turn users on and off. Most
+ immediate need. These are created_at, which holds the date and time when the user
+ was first set up, and is_enabled, which allows us to turn users on and off. Most
user systems will find a practical use for these simple features during their lifetime.
Adding a login system
form of protection should a cracker get through our security and steal our database. - -
- So, let's make that improvement straight away. To do so, we'll need the library I talked about
- at the start of the tutorial, stored here in vendor/password_compat.
- The features it provides are so useful they have been built into PHP 5.5, so if you are running
- this version (or later) you can skip adding the new file and the associated
- require_once. However if you are running an earlier version, or if you are not
- sure which version you have, add all of these changes.
+ So, let's make that improvement straight away. Here are the changes:
- So, what does the new code do? It makes use of a new function called
- password_hash(), which takes a password as input and produces what is known as a
+ So, what does the new code do? It makes use of a PHP function called
+ password_hash(), which takes a password as input and produces what is known as a
hash. A hash is a mathematical calculation that is strictly one way, which means that
if sometimes steals our database of password hashes, they will find it very difficult indeed
to recreate the passwords they were generated from.
- Whether or not you are using it, by all means do have a read of the source code in - password.php. However, an in-depth exploration of it would be rather - advanced at this stage, so for our purposes we will assume it just works. -
-The next step is to add a login form, and a link from which to access it:
@@ -1033,8 +1116,8 @@Adding a login system
- If the password matches however, then we call login() to sign in the user, and
- then we redirect to the home page using redirectAndExit().
+ If the password matches however, then we call login() to sign in the user, and
+ then we redirect to the home page using redirectAndExit().
@@ -1057,8 +1140,8 @@@@ -1121,14 +1204,14 @@
PHP makes this nice and simple for developers: we just turn on sessions using -
session_start(), and then we can just read and write to the -$_SESSIONarray. Easy peasy! +session_start(), and then we can just read and write to the +$_SESSIONarray. Easy peasy!
Tidy up
-<div style="border: 1px solid #ff6666; padding: 6px;"> … </div>+<div style="border: 1px solid #ff6666; padding: 6px;"> … </div>
- The purpose of the style attribute to specify CSS rules (otherwise known as
- style rules) to the HTML within. Firstly, we have the border rule, which says
+ The purpose of the style attribute to specify CSS rules (otherwise known as
+ style rules) to the HTML within. Firstly, we have the border rule, which says
the content (an error message) should have a red border rendered in an unbroken line, and
- the padding means that there should be six pixels of gap between the border and
+ the padding means that there should be six pixels of gap between the border and
an invisible box around the content.
Tidy up
- That applies two rules to the block: one called error and another called
- box. That's much easier to remember, easier to read, and — since we
+ That applies two rules to the block: one called error and another called
+ box. That's much easier to remember, easier to read, and — since we
centralise the definitions in assets/main.css — easier
to change if we have to.
Tidy up
We now turn our attention to an improvement to the database. This consists of the tables
- post and user, for blog posts and authors respectively. When
- creating a post record, we insert our automatically generated user.id in
- post.user_id to store which user has authored it (of course, we only have one
+ post and user, for blog posts and authors respectively. When
+ creating a post record, we insert our automatically generated user.id in
+ post.user_id to store which user has authored it (of course, we only have one
user in our test data, but in practice we might have several).
- However, it is possible to insert any number in post.user_id, so if we have
+ However, it is possible to insert any number in post.user_id, so if we have
an undiscovered bug in our code, it might cause a non-existent user primary key to be stored
here. Since we rely on values here always pointing to a user row, if a bad value were to get
in, it might crash our application.
@@ -1193,7 +1276,7 @@
Tidy up
constraints. These allow us to specify that values inserted into a particular column must exist in another column belonging to another table, and that an error must occur if this condition is not met. SQLite offers this feature, although it is unusual in that it needs to - be turned on explicitly, using thePRAGMA command.
+ be turned on explicitly, using the PRAGMA command.
@@ -1202,7 +1285,7 @@
Tidy up
user table does not result
+ Deleting the user table does not result
in a constraint violation, since we refuse to run the SQL unless the database file is
manually deleted.
Tidy up
order around, so the test user is created before the test postINSERT that in the script with a dummy hash value, and
- UPDATE it afterwards with the real hash generated in PHPINSERT that in the script with a dummy hash value, and
+ UPDATE it afterwards with the real hash generated in PHP
Tidy up
+
+ The file you've just added is used to set options for the web server, and in this case
+ for a module known as mod_rewrite. This module allows the creation of special rules
+ for various web addresses, and in our case to refuse to serve ones that are private.
+ I'll provide a little information about these rules below, but if you don't fully follow them,
+ don't worry. They are rather out of scope for a beginners' course, and we won't need to
+ consider them again.
+
++ __NEWFILE__+ What do the mod_rewrite commands do? +
+ ++ The first command is simple:
+RewriteEngine onenables the module for the site. + After that, theRewriteCondsets up a condition (i.e. when the rule will + apply) and theRewriteRuledoes the action. ++ The condition is looking at a placeholder known as
+%{REQUEST_URI}. This is the + URL of the page, relative to the domain. So it will always start with + / and then it will contain the address, e.g. + /styles/assets/main.css (our stylesheet) or + /install.php (a PHP page). However there are some resources + we want users specifically not to access directly. ++ These ones are in the data, lib, + templates and vendor folders, so + we add those into the second part of this command. The bar character means "or" and the +
+^means "begins with". This format is known as a + regular expression, and is + a popular and flexible method of testing strings for certain conditions. ++ The
+RewriteRulebasically says if you get a match, then this is the + (L) last rule (i.e. don't process any more rules) and the server should + (R) redirect to a 404 page (a special server code for "not found"). +
New post creation
@@ -1249,7 +1374,7 @@New post creation
Let's turn our attention to another major feature: writing a new article. We start off with
setting up a new page, laying out the necessary form input controls, and adding a new logged-in
- menu item. There's also a change here to add a generic class user-form, so our
+ menu item. There's also a change here to add a generic class user-form, so our
forms across the whole application can easily acquire a common look-and-feel; see how I've
gone back to existing form comment-form.php to update that too.
New post creation
- While we are here, let's take a look at how redirectAndExit() works; this is in
+ While we are here, let's take a look at how redirectAndExit() works; this is in
common.php. It starts by reading the domain we are running
- on (such as localhost), since it is good not to hardwire this into our code.
- It then sends a Location HTTP header to the browser, which will cause it to
+ on (such as localhost), since it is good not to hardwire this into our code.
+ It then sends a Location HTTP header to the browser, which will cause it to
request the specified address. Since the PHP script would happily carry on running at this
point (until it has detected that the browser has disconnected) we also need to forcibly
exit and wait for the redirect.
@@ -1298,9 +1423,9 @@
- Some information about the browser and operating system in use
- (the
User-Agent header)
- - Which website we wish to view (
Host)
- - The cookies previously served by the domain (
Cookie)
+ (the User-Agent header)
+ - Which website we wish to view (
Host)
+ - The cookies previously served by the domain (
Cookie)
User-Agent header)Host)
- Cookie)
+ (the User-Agent header)Host)
+ Cookie)
@@ -1308,9 +1433,9 @@
- - Some information about the server environment in use (
Server)
+ - Some information about the server environment in use (
Server)
- The type of the content; web pages for example are served as "text/html"
- (
Content-Type)
+ (Content-Type)
Server)Server)Content-Type)Content-Type)