# HG changeset patch
# User Christian Urban <urbanc@in.tum.de>
# Date 1348533121 -3600
# Node ID 4c40d4b2d01cf5f92c75c5c01f561c69e8ffb34b
# Parent  1280309e6bfcbc0f55d4769070f492f8e29a5553
new slides

diff -r 1280309e6bfc -r 4c40d4b2d01c app0.scala
--- a/app0.scala	Mon Sep 24 20:51:17 2012 +0100
+++ b/app0.scala	Tue Sep 25 01:32:01 2012 +0100
@@ -5,10 +5,8 @@
 
   // answering a GET request
   val index = Action { request =>
-    
     Ok("Hello world!")
   }  
-  
 }
 
 
diff -r 1280309e6bfc -r 4c40d4b2d01c app1.scala
--- a/app1.scala	Mon Sep 24 20:51:17 2012 +0100
+++ b/app1.scala	Tue Sep 25 01:32:01 2012 +0100
@@ -1,18 +1,18 @@
 object Application extends Controller {
 
-  // presenting login form
+  // GET request -> present login form
   val index = Action { request =>
     
-    val form = """<form method="post"> 
-                Login: <input type="text" name="login"><br>
-                Password: <input type="password" name="password"><br>
-                <input type="submit"></form>"""
+    val form = 
+       """<form method="post"> 
+          Login: <input type="text" name="login"><br>
+          Password: <input type="password" name="password"><br>
+          <input type="submit"></form>"""
 
     Ok(form).as(HTML)
   }  
 
-  
-  // processing the received login data
+  // POST data: processing the login data
   val receive = Action { request =>
     
     val form_data = Form (tuple ("login" -> text, "password" -> text))
@@ -21,7 +21,6 @@
     
     Ok("Received login: " + login + " and password: " + password)
   }
-  
 }
 
 
diff -r 1280309e6bfc -r 4c40d4b2d01c app2.scala
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/app2.scala	Tue Sep 25 01:32:01 2012 +0100
@@ -0,0 +1,30 @@
+object Application extends Controller {
+
+  def gt_cookie(c: Option[Cookie]) : Int = c match {
+    case Some(s) if (s.value.forall(_.isDigit)) => s.value.toInt 
+    case _ => 0
+  }
+
+  def mk_cookie(i: Int) : Cookie = {
+    Cookie("visits", i.toString)
+  }
+  
+  // GET request: read cookie data first
+  def index = Action { request =>
+    
+    val visits_cookie = request.cookies.get("visits")
+    val visits = gt_cookie(visits_cookie)
+
+    val msg1 = "You are a valued customer who has visited this site %d times."               
+    val msg2 = "You have visited this site %d times."
+    val msg = 
+      if (visits >= 10) msg1.format(visits) else msg2.format(visits)
+    
+    //send with new cookie
+    Ok(msg).as(HTML).withCookies(mk_cookie(visits + 1))
+  }
+}
+
+
+
+
diff -r 1280309e6bfc -r 4c40d4b2d01c slides01.pdf
Binary file slides01.pdf has changed
diff -r 1280309e6bfc -r 4c40d4b2d01c slides01.tex
--- a/slides01.tex	Mon Sep 24 20:51:17 2012 +0100
+++ b/slides01.tex	Tue Sep 25 01:32:01 2012 +0100
@@ -376,6 +376,20 @@
 \end{tabular}
 \end{textblock}
 
+\begin{textblock}{1}(5.6,6)
+  \begin{tikzpicture}[scale=2.5]
+  \draw[white] (0,0) node (X) {};
+  \draw[white] (1,0) node (Y) {};
+  \only<1>{\draw[red, <-, line width = 2mm] (X) -- (Y);
+  \node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
+  \only<2>{\draw[red, ->, line width = 2mm] (X) -- (Y);
+  \node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
+  \only<3>{\draw[red, <-, line width = 2mm] (X) -- (Y);
+  \node [inner sep=7pt,label=above:\textcolor{black}{POST data}] at ($ (X)!.5!(Y) $) {};}
+  \end{tikzpicture}
+\end{textblock}
+
+
 \begin{textblock}{1}(9,5.5)
 \begin{tabular}{c}
 \includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
@@ -398,6 +412,8 @@
 \begin{frame}[c]
 \frametitle{\begin{tabular}{c}Scala + Play\end{tabular}}
 
+\footnotesize simple response from the server:
+
 {\lstset{language=Scala}\fontsize{8}{10}\selectfont
 \texttt{\lstinputlisting{app0.scala}}}\bigskip
 
@@ -405,7 +421,7 @@
 alternative response:\\
 
 {\lstset{language=Scala}\fontsize{8}{10}\selectfont
-\texttt{Ok("<H1>Hello world!</H1>").as(HTML)}}
+\texttt{\lstinline{Ok("<H1>Hello world!</H1>").as(HTML)}}}
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
@@ -420,6 +436,105 @@
 \end{frame}}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}Cookies\end{tabular}}
+
+
+\begin{textblock}{1}(1.5,5)
+\begin{tabular}{c}
+\includegraphics[scale=0.15]{pics/servers.png}\\[-2mm]
+\small Servers from\\[-2mm] 
+\small Dot.com Inc.
+\end{tabular}
+\end{textblock}
+
+\begin{textblock}{1}(5.6,5.6)
+  \begin{tikzpicture}[scale=2.5]
+  \draw[white] (0,0) node (X) {};
+  \draw[white] (1,0) node (Y) {};
+  \draw[white] (0.05,-0.3) node (X1) {};
+  \draw[white] (0.95,-0.3) node (Y1) {};
+  \only<1-2>{\draw[red, <-, line width = 2mm] (X) -- (Y);
+  \node [inner sep=5pt,label=above:\textcolor{black}{GET request}] at ($ (X)!.5!(Y) $) {};}
+  \only<2>{\draw[red, <-, line width = 1mm] (X1) -- (Y1);
+  \node [inner sep=2pt,label=below:\textcolor{black}{read a cookie}] at ($ (X1)!.5!(Y1) $) {};}
+  \only<3->{\draw[red, ->, line width = 2mm] (X) -- (Y);
+  \node [inner sep=5pt,label=above:\textcolor{black}{webpage}] at ($ (X)!.5!(Y) $) {};}
+  \only<3->{\draw[red, ->, line width = 1mm] (X1) -- (Y1);
+  \node [inner sep=2pt,label=below:\textcolor{black}{write a cookie}] at ($ (X1)!.5!(Y1) $) {};}
+  \end{tikzpicture}
+\end{textblock}
+
+
+\begin{textblock}{1}(9.5,5.5)
+\begin{tabular}{c}
+\includegraphics[scale=0.15]{pics/laptop.png}\\[-2mm]
+\small Client
+\end{tabular}
+\end{textblock}
+  
+\only<4->{  
+\begin{textblock}{13}(1,11)  
+\small\begin{itemize}
+\item cookies: max 4KB data\\[-2mm]
+\item cookie theft, cross-site scripting attacks\\[-2mm]
+\item session cookies, persistent cookies, HttpOnly cookies, third-party cookies, zombie cookies 
+\end{itemize}  
+\end{textblock}}
+
+\only<5>{
+\begin{textblock}{11}(1,3)
+\begin{tikzpicture}
+\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] 
+{\normalsize\color{darkgray}
+\begin{minipage}{10cm}\raggedright\small
+{\bf EU Privacy Directive about Cookies:}\smallskip\\
+``In May 2011, a European Union law was passed stating that websites that leave non-essential cookies on visitors' devices have to alert the visitor and get acceptance from them. This law applies to both individuals and businesses based in the EU regardless of the nationality of their website's visitors or the location of their web host. It is not enough to simply update a website's terms and conditions or privacy policy. The deadline to comply with the new EU cookie law was 26th May 2012 and failure to do so could mean a fine of up to \pounds{}500,000.''
+\end{minipage}};
+\end{tikzpicture}
+\end{textblock}}
+  
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{c}My First Webapp\end{tabular}}
+
+{\bf GET request:}\smallskip
+\begin{enumerate}
+\item read cookie from client
+\item if none is present, set \texttt{visits} to \textcolor{blue}{$0$}
+\item if cookie is present, extract \texttt{visits}
+\item if \texttt{visits} is greater or equal \textcolor{blue}{$10$}, \\
+print valued customer message\\
+otherwise just normal message
+\item increase \texttt{visits} by \textcolor{blue}{$1$} and store new cookie with client
+\end{enumerate}
+
+  
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\mbox{}\\[-9mm]
+
+{\lstset{language=Scala}\fontsize{8}{10}\selectfont
+\texttt{\lstinputlisting{app2.scala}}}
+
+  
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+
+
+
 % linkedIn password
 % http://erratasec.blogspot.co.uk/2012/06/confirmed-linkedin-6mil-password-dump.html