TCP/IP Five-Layer Model
- Physical layer, Data link layer, Network layer, Transport layer, Application layer
Application Layer Protocols: TCP vs UDP
TCP-based Protocols:
- File Transfer Protocol (FTP): Port 21
- Telnet: Port 23
- Simple Mail Transfer Protocol (SMTP): Port 25
- Post Office Protocol 3 (POP3): Port 110
- Hypertext Transfer Protocol (HTTP/HTTPS): Ports 80/443
UDP-based Protocols:
- Trivial File Transfer Protocol (TFTP): Port 69
- Simple Network Management Protocol (SNMP): Port 161
- Bootstrap Protocol (BOOTP)
- Dynamic Host Configuration Protocol (DHCP)
- Routing Information Protocol (RIP)
- Internet Group Management Protocol (IGMP)
Protocol Differences:
- TCP provides connection-oriented, reliable byte streams
- UDP offers connectionless, best-effort datagram delivery
- TCP has larger headers (20 bytes minimum) vs UDP (8 bytes)
HTTP vs HTTPS
Key Differences:
- HTTP transmits plaintext; HTTPS encrypts with SSL/TLS
- HTTPS uses port 443 vs HTTP's port 80
- HTTPS requires a server certificate issued by a trusted Certificate Authority (CA)
HTTPS Encryption Process:
- Client initiates the SSL/TLS connection
- Server sends its certificate, which carries the server's public key
- Client and server negotiate the security level (protocol version and cipher suite)
- Client creates a session key and encrypts it with the server's public key
- Server decrypts the session key with its private key
- Encrypted communication begins using the shared session key
HTTP/1.1 vs HTTP/2
HTTP/2 Improvements:
- Header compression
- Multiplexing
- Binary framing
- Server push
TCP Connection Management
- Three-way handshake for connection establishment
- Four-way termination for connection closure
WebSocket Protocol
- Full-duplex communication over single TCP connection
- Eliminates need for polling
- More efficient than traditional HTTP requests
Browser Security Policies
Same-Origin Policy Restrictions:
- Prevents cross-domain access to cookies/storage
- Blocks cross-domain DOM manipulation
- Restricts cross-domain AJAX requests
Web Storage Options
Comparison:
- Cookies: 4KB limit, sent with requests
- localStorage: Persistent, ~5MB
- sessionStorage: Tab-specific, ~5MB
Web Security Threats
XSS Protection:
- Set HttpOnly flag on cookies
- Input sanitization
CSRF Mitigation:
- Verify Referer headers
- Implement anti-CSRF tokens
HTTP Methods
- GET: Retrieve resource
- POST: Submit data
- PUT: Replace resource
- DELETE: Remove resource
- HEAD: Get headers only
- OPTIONS: List supported methods
URL Processing Flow
- DNS resolution
- TCP connection
- HTTP request
- Server processing
- Response rendering
- Connection termination
DNS Resolution Process
- Local DNS query
- Root server referral
- TLD server query
- Authoritative server response
- Caching and return
Cookie Management
- Domain/path restrictions apply
- Server-side vs client-side setting differences
- HttpOnly flag prevents client-side script access (document.cookie)
AJAX Credential Handling
Fetch API:
  fetch(url, {
    credentials: 'include'
  })
Axios:
  axios.get(url, { withCredentials: true })
jQuery:
  $.ajax({
    url: endpoint,
    xhrFields: { withCredentials: true }
  })