Professional Web Development | © GAL Digital GmbH
well though out.


Web Development
Premium Webseiten GAL Digital GmbH


Next element Next element
room it! E-Commerce ROOM-IT Individual e-commerce application based on Shopware
VDMA survey platform VDMA Survey platform for one of the largest industry associations
Bihler Responsive Relaunch BIHLER Responsive relaunch incl. product database
Barksdale Online Offer Generator BARKSDALE Online quotation generator with system integration
Schwind PIM Solution SCHWIND Internet presence with doctors' portal in a PIM solution
WHAT IS A WEB APPLICATION AND WHAT OTHER TERMS ARE THERE? The classic web application, also known as a client-server application or web application, is an application model based on the principle of the client-server model. This means that the application is not installed on the user's computer - instead, data processing takes place on an external web server. The results of the data processing are then transferred to the user's computer, the so-called thin client. In principle, the transfer takes place via a web server that uses the HTTP protocol for communication. The great advantage of a web application is that it is universally accessible. This means that the data can be accessed via a web browser, regardless of the operating system installed. The only limitation of a web application is the need for a special runtime environment - JavaScript is considered the leader here. Web applications also belong to the category of asynchronous applications. A cycle is created by the HTTP request and the subsequent HTTP response - this is also referred to as the request cycle.

The basic structuring of a web application is done using HTML. This allows developers to define not only the structure but also the content of the final web application. CSS, on the other hand, is used for design. JavaScript can also be used to extend the capabilities of HTML and CSS. In addition, SQL databases and more complex programming in PHP are often found in modern web applications. Responsive websites have become particularly important. These automatically adapt to the different requirements of the end device, allowing them to be displayed on typical computers and mobile devices. The Progressive Web App (PWA) goes one step further and offers features traditionally reserved for a native application. With a PWA, companies can avoid developing a standalone application for mobile devices. Instead, a user can visit the website via a URL and access selected offline functionality. This approach is made possible by the caching capabilities of the Service Workers.
HOW DO WEB APPLICATIONS WORK? Basically, a web application can be accessed by entering a URL in the web browser. Entering and confirming the URL sends a request to the web server, which accepts it and passes it on to the web application. The HTML source code of the target website is then loaded and returned to the requesting browser. The request is called an HTTP request and the response is called an HTTP response. The loaded web page is the user interface of the web application. A closer look at the layered architecture of a website also shows that only the presentation layer is executed in the user's browser. The logistics layer and the important data management are part of the server tasks.

Any further interaction on the website, such as filling out a form, results in a new HTTP request. In the classic case, the HTTP POST is used to transmit the input. The transfer of the link parameters takes place via HTTP GET, as does the transfer of HTTP cookies to the web server for further processing. In addition, a web application must have interfaces such as Fast CGI to enable it to connect to the web server. Only with such an interface can requests be passed to the web application and output values be sent. Session data is particularly important for web applications. This can be stored and written to a database using HTTP cookies, for example. By using these cookies, operators can track the user's interactions with the web application - due to the EU Data Protection Regulation, special attention must be paid to data protection here. A disadvantage of cookies is that they consume resources, making it difficult to scale the application horizontally. For scalable applications, the REST paradigm is often used, allowing the web application to be executed on both the server and client sides.
WHAT ARE THE ADVANTAGES OF A WEB APPLICATION? Using a web application can have some advantages. For example, web applications are considered to be operating system independent. Typically, all that is required to access a web application is a web browser, which is pre-installed on most operating systems. In addition, the user does not need to take any action or install any software because the client-server application handles the requests. In some cases, however, a browser plug-in is required to use a web application - Flash is a well-known example. However, the use of Flash has declined sharply since the advent of mobile devices, so web applications have a high degree of platform independence.

A particular advantage of a client-server application is its ease of maintenance. Adjustments are always made on the web server, which reduces maintenance costs. Another consequence of this approach is security. The ease with which the web application can be adapted means that security gaps can be closed quickly and immediately. In addition, the compromise of a complete web application does not lead to further security vulnerabilities because the user system - the web server - does not usually host any other applications.
WHAT ARE THE DISADVANTAGES OF A WEB APPLICATION? There are some disadvantages to using a web application that need to be considered before development. Basically, a web application can only function if it has a connection to a web server. If this connection is not available, HTTP requests and responses cannot be exchanged between the client-server application and the server. In addition, the data rate of the existing connection also plays a role, as it must always meet the requirements of the web application. Due to these limitations, the use of web applications in mobile offline operation is basically not possible.

Another disadvantage of a web application is the interaction with a browser. By default, a web application should be able to interact with a browser without any problems. In reality, this is not the case because browsers interpret HTML code differently. Even standards such as W3C do not help. The differences can already be seen in the appearance of applications - there are often discrepancies between browsers. These purely visual differences are often insignificant. More important are the misinterpretations of the JavaScript source code. Because of these glaring differences, web applications must be provided with exception handling for browsers and their versions. Finally, the request cycle plays a crucial role in web application development. This means that the web server and applications communicate asynchronously, making real-time processing of data impossible.
WHAT FRAMEWORKS ARE AVAILABLE FOR CREATING WEB APPLICATIONS? A web framework is software that enables the development of web applications. Using a framework can make development easier and improve self-documentation. Web frameworks also provide predefined classes, for example for authentication or sending mail. In addition to the frameworks, the corresponding libraries must also be considered.

The following web frameworks have proven themselves in practice:
- Bootstrap: This is a free front-end CSS framework with design templates based on HTML and CSS. Bootstrap also offers optional JavaScript extensions.
- Neos Flow: This framework is based on PHP and was developed for the TYPO3 Neos CMS. It is mainly used for the development of PHP applications.
- CakePHP: This framework is also based on PHP and follows the Model View Controller (MVC) scheme. This framework makes few demands on the web server and does not require its own database.
- NET Framework: This framework is a component of the Microsoft .NET software platform and includes numerous interfaces and tools for application development.
HOW SECURE ARE WEB APPLICATIONS? One of the fundamental issues when developing a web application is the security of the application. In principle, there are many ways to analyse the security of a web application. However, we will focus on the basic attack vectors that are directly related to web applications. Security vulnerabilities can be avoided during the implementation of such an application. However, with client-server applications there are many attack vectors to consider, ranging from the browser to the SSL protocol. In practice, it is almost impossible to avoid exploits during implementation. For this reason, developers and vendors should focus on user protection.

A proven and sensible approach to ensuring application security is testing. The secure software development lifecycle can be used to identify security problems at various points in time. Statistical analysis of source code can also quickly identify security vulnerabilities. Dynamic testing can also reveal specific bugs, but requires a lot of planning time. In practice, extensive testing is often not possible due to limited access to the source code or too little time to test. For this reason, web application firewalls (WAFs) are one way of reducing the security risks in a web application. This is done in front of the actual web application. However, the impact on performance and the high demands on developers must be taken into account. WAFs are a real alternative, especially in the case of short time windows or insufficient testing capacities.


Next element Next element