網(wǎng)上購物系統(tǒng)外文翻譯

1、<p><b>　　畢業(yè)設(shè)計（論文）</b></p><p><b>　　文獻綜述和外文翻譯</b></p><p>　　設(shè)計 (論文)題目 網(wǎng)上購物系統(tǒng)設(shè)計與實現(xiàn) </p><p>　　學 院： 計算機科學與工程學院 </p><p>　　

2、專 業(yè)： 軟件工程 </p><p>　　年 級： 2008級 </p><p><b>　　文獻綜述</b></p><p>　　摘要：Servlet程序在服務(wù)器端運行，動態(tài)地生成Web頁面與傳統(tǒng)的CGI和許多其他類似CGI的技術(shù)相

3、比，Java Servlet具有更高的效率，更容易使用，功能更強大，具有更好的可移植性，更節(jié)省投資。</p><p>　　關(guān)鍵字：JSP技術(shù)，Servlet，HTTP服務(wù)</p><p>　　1.1Servlet的功能</p><p>　　Servlets是運行在Web或應(yīng)用服務(wù)器上的Java程序，它是一個中間層，負責連接來自Web瀏覽器或其他HTTP客戶程序的請求

4、和HTTP服務(wù)器上的數(shù)據(jù)庫或應(yīng)用程序。Servlet的工作是執(zhí)行西門的任務(wù)，如圖1.1所示 。</p><p>　　圖1.1Web中間件的作用</p><p>　　讀取客戶發(fā)送的顯式數(shù)據(jù)。</p><p>　　最終用戶一般在頁面的HTML表單中輸入這些數(shù)據(jù)。然而，數(shù)據(jù)還有可能來自applet或定制的HTTP客戶程序。</p><p>　　讀取

5、由瀏覽器發(fā)送的隱式請求數(shù)據(jù)。</p><p>　　圖1.1中顯示了一條從客戶端到Web服務(wù)器的單箭頭，但實際上從客戶端傳送到Web服務(wù)器的數(shù)據(jù)有兩種，它們分別為用戶在表單中輸入的顯式數(shù)據(jù)，以及后臺的HTTP信息。兩種數(shù)據(jù)都很重要。HTTP信息包括cookie、瀏覽器所能識別的媒體類型和壓縮模式等。</p><p><b>　　生成結(jié)果。</b></p>

6、<p>　　這個過程可能需要訪問數(shù)據(jù)庫、執(zhí)行RMI或EJB調(diào)用、調(diào)用Web服務(wù)，或者直接計算得出對應(yīng)的響應(yīng)。實際的數(shù)據(jù)可能存儲在關(guān)系型數(shù)據(jù)庫中。該數(shù)據(jù)庫可能不理解HTTP，或者不能返回HTML形式的結(jié)果，所有Web瀏覽器不能直接與數(shù)據(jù)庫進行會話。即使它能夠做到這一點，為了安全上的考慮，我們也不希望讓它這么做。對應(yīng)大多數(shù)其他應(yīng)用程序，也存在類似的問題。因此，我們需要Web中間層從HTTP流中提取輸入數(shù)據(jù)，與應(yīng)用程序會話，并將結(jié)果

7、嵌入到文檔中。</p><p>　　向客戶發(fā)送顯式數(shù)據(jù)（即文檔）。</p><p>　　這個文檔可以用各種格式發(fā)送，包括文本（HTML或XML），二進制（GIF圖），甚至可以式建立在其他底層格式之上的壓縮格式，如gzip。但是，到目前為止，HTML式最常用的格式，故而servelt和JSP的重要任務(wù)之一就式將結(jié)果包裝到HTML中。</p><p>　　發(fā)送隱式的HT

8、TP響應(yīng)數(shù)據(jù)。</p><p>　　圖1.1中顯示了一條從Web中間層到客戶端的單箭頭。但是，實際發(fā)送的數(shù)據(jù)有兩種：文檔本身，以及后臺的HTTP信息。同樣，兩種數(shù)據(jù)對開發(fā)來說都式至關(guān)重要的。HTTP響應(yīng)數(shù)據(jù)的發(fā)送過程涉及告知瀏覽器或其他客戶程序所返回文檔的類型（如HTML），設(shè)置cookie和緩存參數(shù)，以及其他類似的任務(wù)。</p><p>　　1.2動態(tài)構(gòu)建網(wǎng)頁的原因</p>

9、<p>　　預(yù)先建立的文檔可以滿足客戶的許多請求，服務(wù)器無需調(diào)用servlet就可以處理這些請求。然而，許多情況下靜態(tài)的結(jié)果不能滿足要求，我們需要針對每個請求生成一個頁面。實時構(gòu)建頁面的理由有很多種：</p><p>　　1、網(wǎng)頁基于客戶發(fā)送的數(shù)據(jù)。</p><p>　　例如，搜索引擎生成的頁面，以及在線商店的訂單確認頁面，都要針對特定的用戶請求而產(chǎn)生。在沒有讀取到用戶提交的數(shù)

10、據(jù)之前，我們不知道應(yīng)該顯示什么。要記住，用戶提交兩種類型的數(shù)據(jù)：顯示（即HTML表單的數(shù)據(jù)）和隱式（即HTTP請求的報頭）。兩種輸入都可用來構(gòu)建輸出頁面。基于cookie值針對具體用戶構(gòu)建頁面的情況尤其普遍。</p><p>　　2、頁面由頻繁改變的數(shù)據(jù)導出。</p><p>　　如果頁面需要根據(jù)每個具體的請求做出相應(yīng)的改變，當然需要在請求發(fā)生時構(gòu)建響應(yīng)。但是，如果頁面周期性地改變，我們可

11、以用兩種方式來處理它：周期性地在服務(wù)器上構(gòu)建新的頁面（和客戶請求無關(guān)），或者僅僅在用戶請求該頁面時再構(gòu)建。具體應(yīng)該采用哪種方式要根據(jù)具體情況而定，但后一種方式常常更為方便，因為它只需簡單地等待用戶的請求。例如，天氣預(yù)報或新聞網(wǎng)站可能會動態(tài)地構(gòu)建頁面，也有可能會返回之前構(gòu)建的頁面（如果它還是最新的話）。</p><p>　　3、頁面中使用了來自公司數(shù)據(jù)庫或其他數(shù)據(jù)庫斷數(shù)據(jù)源的信息。</p><p

12、>　　如果數(shù)據(jù)存儲在數(shù)據(jù)庫中，那么，即使客戶端使用動態(tài)Web內(nèi)容，比如applet，我們依舊需要執(zhí)行服務(wù)器端處理。想象以下，如果一個搜索引擎網(wǎng)站完全使用applet，那么用戶將會看到：“正在下載50TB的applet，請等待！”。顯然，這樣很愚蠢；這種情況下，我們需要與數(shù)據(jù)庫進行會話。從客戶端到Web層再到數(shù)據(jù)庫（三層結(jié)構(gòu)），要比從applet直接到數(shù)據(jù)庫（二層結(jié)構(gòu)）更靈活，也更安全，而性能上的損失很少甚至沒有。畢竟數(shù)據(jù)庫調(diào)用通常

13、是對速度影響最大的步驟，因而，經(jīng)過中間層可以執(zhí)行高速緩存和連接共享。</p><p>　　理論上講，servelt并非只用于處理HTTP請求的Web服務(wù)器或應(yīng)用服務(wù)器，它同樣可以用于其他類型的服務(wù)器。例如，servlet能夠嵌入到FTP或郵件服務(wù)器中，擴展他們的功能。而且，用于會話啟動協(xié)議服務(wù)器的servlet API最近已經(jīng)被標準化（參見http://jcp.org/en/jsr/detail?id=116）。

14、但在實踐中，servelt的這種用法尚不流行，在此，我們只論述HTTP Servlet。</p><p>　　1.3 Servlet相對于“傳統(tǒng)”CGI的優(yōu)點</p><p>　　和傳統(tǒng)CGI及許多類CGI技術(shù)相比，Java servelt效率更高、更易用、更強大、更容易移植、更安全、也更廉價。</p><p><b>　　1、效率</b>&l

15、t;/p><p>　　應(yīng)用傳統(tǒng)的CGI，針對每個HTTP請求都用啟動一個新的進程。如果CGI程序自身相對比較簡短，那么啟動進程的開銷會占用大部分執(zhí)行時間。而使用servelt，Java虛擬機會一直運行，并用輕量級的Java線程處理每個請求，而非重量級的操作系統(tǒng)進程。類似地，應(yīng)用傳統(tǒng)的CGI技術(shù)，如果存在對同一CGI程序的N個請求，那么CGI程序的代碼會載入內(nèi)存N次。同樣的情況，如果使用servlet則啟動N個線程，單

16、僅僅載入servlet類的單一副本。這種方式減少了服務(wù)器的內(nèi)存需求，通過實例化更少的對象從而節(jié)省了時間。最后，當CGI程序結(jié)束對請求的處理之后，程序結(jié)束。這種方式難以緩存計算結(jié)果，保持數(shù)據(jù)庫連接打開，或是執(zhí)行依靠持續(xù)性數(shù)據(jù)的其他優(yōu)化。然而，servelt會一直停留在內(nèi)存中（即使請求處理完畢），因而可以直接存儲客戶請求之間的任意復雜數(shù)據(jù)。</p><p><b>　　2、便利</b></

17、p><p>　　Servelt提供大量的基礎(chǔ)構(gòu)造，可以自動分析和解碼HTML的表單數(shù)據(jù)，讀取和設(shè)置HTTP報頭，處理cookie，跟蹤會話，以及其他次類高級功能。而在CGI中，大部分工作都需要我們資金完成。另外，如果您已經(jīng)了解了Java編程語言，為什么還有學校Perl呢？您已經(jīng)承認應(yīng)用Java技術(shù)編寫的代碼要比Visual Basic，VBScript或C＋＋編寫的代碼更可靠，且更易重用，為什么還有倒退回去選擇那些語

18、言來開發(fā)服務(wù)器端的程序呢？</p><p><b>　　3、強大</b></p><p>　　Servlet支持常規(guī)CGI難以實現(xiàn)或根本不能實現(xiàn)的幾項功能。Servlet能夠直接于Web服務(wù)器對話，而常規(guī)的CGI程序做不到這一點，至少在不使用服務(wù)器專有API的情況下是這樣。例如，與Web服務(wù)器的通信使得講相對URL轉(zhuǎn)換成具體的路徑名變得更為容易。多個servelt還可

19、以共享數(shù)據(jù)，從而易于實現(xiàn)數(shù)據(jù)庫連接共享和類似的資源共享優(yōu)化。Servelt還能維護請求之間的信息，使得諸如會話跟蹤和計算結(jié)果緩存等技術(shù)變得更為簡單。</p><p><b>　　4、可移植性</b></p><p>　　Servelt使用Java編程語言，并且遵循標準的API。所有主要的Web服務(wù)器。實際上都直接或通過插件支持servlet。因此。為Macromedi

20、a JRun編寫的servlet，可以不經(jīng)過任何修改地在Apache Tomcat，Microsoft Internet Information Server，IBM WebSphere 。iPlanet Enterprise Server。Oracle9i AS 或者StrNine WebStar上運行。他們是java2平臺企業(yè)版的一部分，所以對servlet的支持越來越普遍。</p><p><b>

21、;　　5、廉價</b></p><p>　　對于開發(fā)用的網(wǎng)站、低容量或中等容量網(wǎng)站的部署，有大量免費或極為廉價的Web服務(wù)器可供選擇。因此，通過使用servelt和jsp，我們可以從免費或廉價的服務(wù)器開始，在項目獲得初步成功后，在移植到更高性能或高級管理工具的昂貴的服務(wù)器上。這與其他CGI方案形成鮮明的對比，這些CGI方案在初期都需要為購買專利軟件包投入大量的資金。</p><p&

22、gt;　　價格和可移植性在某種程度上是相互關(guān)聯(lián)的。例如，Marty記錄了所有通過電子郵件向他發(fā)送問題的讀者的所在國。印度接近列表的頂端，可能僅次于美國。Marty曾在馬尼拉講授過jsp和servlet培訓課程，那兒對servelt和jsp技術(shù)抱很大的興趣。</p><p>　　那么，為什么印度和菲律賓都對這項技術(shù)著呢感興趣呢？我們推測答案可能分兩部分。首先，這兩個國家都擁有大量訓練有素的軟件開發(fā)人員。其次，這兩個

23、國家的貨幣對美元的匯率都極為不利。因此，從美國公司那里購買專用Web服務(wù)器會消耗掉項目的大部分前期資金。</p><p>　　但是，使用servlet 和JSP，他們能夠從免費的服務(wù)器開始：Apache Tomcat。項目取得成功之后，他們可以轉(zhuǎn)移到性能更高、管理更容易，但需要付費的服務(wù)器。他們的servelt和jsp不需要重寫編寫。如果他們的項目變得更龐大，他們或許希望轉(zhuǎn)移到分布式環(huán)境。沒有問題：他們可以轉(zhuǎn)而使

24、用Macromedia JRun Professional，該服務(wù)器支持分布式應(yīng)用。同樣，他們的servelt和jsp沒有任何部分需要重寫。如果項目變得極為龐大，錯綜復雜，他們或許希望使用Enterprise JavaBeans來封裝他們的商業(yè)邏輯。因此，他們可以切換到BEA WebLogic或Oracle9i AS。同樣，不需要對servlet和jsp做出更改。最后，如果他們的項目變得更龐大，他們或許將他從Linux轉(zhuǎn)移到運行IBM

25、WebSphere的IBM大型機上。他們還是不需要做出任何更改。</p><p><b>　　6、安全</b></p><p>　　傳統(tǒng)CGI程序中主要的漏洞來源之一就是，CGI程序常常由通過的操作系統(tǒng)外殼來執(zhí)行。因此,CGI程序必須仔細地過濾掉那些可能被外殼特殊處理的字符，如反引導和分號。實現(xiàn)這項預(yù)防措施的難度可能超出我們的想象，在廣泛應(yīng)用的CGI庫中，不斷發(fā)現(xiàn)由這

26、類問題引發(fā)的弱點。</p><p>　　問題的第二個來源是，一些CGI程序用不自動檢查數(shù)組和字符串邊界的語言編寫而成。例如，在C和C＋＋中，可以分配一個100個元素的數(shù)組，然后向第999個“元素“寫入數(shù)據(jù)——實際上是程序內(nèi)存的隨機部分，這完全合法。因而，如果程序員忘記執(zhí)行這項檢查，就會將系統(tǒng)暴露在蓄意或偶然的緩沖區(qū)溢出攻擊之下。</p><p>　　Servelt不存在這些問題。即使ser

27、velt執(zhí)行系統(tǒng)調(diào)用激活本地操作系統(tǒng)上的程序，它也不會用到外殼來完成這項任務(wù)。當然，數(shù)組邊界的檢查以及其他內(nèi)存包含特性是java編程語言的核心部分。</p><p><b>　　7、主流</b></p><p>　　雖然存在許多很好的技術(shù)，但是，如果提供商助支持他們，或開發(fā)人員不知道如何使用這些技術(shù)，那么它們的優(yōu)點又如何體現(xiàn)呢？servelt和jsp技術(shù)得到服務(wù)器提供

28、商的廣泛支持，包括Apache，Oracle，IBM，Sybase，BEA，Maromedia，Causho，Sun/iPlanet，New Atlanta，ATG，F(xiàn)ujitsu，Lutris，Silverstream，World Wide Web Consortinrm ，以及其他服務(wù)器。存在幾種低廉的插件，通過應(yīng)用這些插件，Microsoft IIS和Zeus也同樣支持servlet和jsp技術(shù)，它們運行在Windows，Unix

29、/Linus,MacOS,VMS，和IBM大型機操作系統(tǒng)之上。它們用在航空業(yè)、電子商務(wù)、在線銀行、web搜索引擎、門戶、大型金融網(wǎng)站、以及成百上千您日常光顧的其他網(wǎng)站。</p><p>　　當然，僅僅是流行并不能證明技術(shù)的優(yōu)越性。很多泛美的例子。但我們的立場是：服務(wù)器端Java本非一項新的、為經(jīng)證實的技術(shù)。</p><p>　　An Overview of Servlet and JSP

30、Technology</p><p>　　Abstract: Servlet program running in the server-side, dynamically generated Web page with the traditional CGI and many other similar compared to CGI technology, Java Servlet with a more e

31、fficient, easier to use, more powerful and has better portability, more savings to invest .</p><p>　　Key words: JSP Technology, Servlet, HTTP server</p><p>　　1.1 A Servlet's Job</p>

32、<p>　　Servlets are Java programs that run on Web or application servers, acting as a middle layer between requests coming from Web browsers or other HTTP clients and databases or applications on the HTTP server. The

33、ir job is to perform the following tasks, as illustrated in Figure 1-1.</p><p>　　Figure 1-1</p><p>　　1．Read the explicit data sent by the client.</p><p>　　The end user normally ente

34、rs this data in an HTML form on a Web page. However, the data could also come from an applet or a custom HTTP client program.</p><p>　　2．Read the implicit HTTP request data sent by the browser.</p>&l

35、t;p>　　Figure 1-1 shows a single arrow going from the client to the Web server (the layer where servlets and JSP execute), but there are really two varieties of data: the explicit data that the end user enters in a for

36、m and the behind-the-scenes HTTP information. Both varieties are critical. The HTTP information includes cookies, information about media types and compression schemes the browser understands, and so on.</p><p

37、>　　3．Generate the results.</p><p>　　This process may require talking to a database, executing an RMI or EJB call, invoking a Web service, or computing the response directly. Your real data may be in a rel

38、ational database. Fine. But your database probably doesn't speak HTTP or return results in HTML, so the Web browser can't talk directly to the database. Even if it could, for security reasons, you probably would

39、not want it to. The same argument applies to most other applications.You need the Web middle layer to extract the result</p><p>　　inside a document.</p><p>　　4．Send the explicit data (i.e., the

40、document) to the client.</p><p>　　This document can be sent in a variety of formats, including text (HTML or XML), binary (GIF images), or even a compressed format like gzip that is layered on top of some ot

41、her underlying format. But, HTML is by far the most common format, so an important servlet/JSP task is to wrap the results inside of HTML.</p><p>　　5．Send the implicit HTTP response data.</p><p>

42、;　　Figure 1-1 shows a single arrow going from the Web middle layer (the servlet or JSP page) to the client. But, there are really two varieties of data sent: the document itself and the behind-the-scenes HTTP information

43、. Again, both varieties are critical to effective development. Sending HTTP response data involves telling the browser or other client what type of document is being returned (e.g., HTML), setting cookies and caching par

44、ameters, and other such tasks. </p><p>　　1.2 Why Build Web Pages Dynamically?</p><p>　　many client requests can be satisfied by prebuilt documents, and the server would handle these requests wi

45、thout invoking servlets. In many cases, however, a static result is not sufficient, and a page needs to be generated for each request. There are a number of reasons why Web pages need to be built on-the-fly:</p>&

46、lt;p>　　1． The Web page is based on data sent by the client.</p><p>　　For instance, the results page from search engines and order-confirmation pages at online stores are specific to particular user reques

47、ts. You don't know what to display until you read the data that the user submits. Just remember that the user submits two kinds of data: explicit (i.e., HTML form data) and implicit (i.e., HTTP request headers). Eith

48、er kind of input can be used to build the output page. In particular, it is quite common to build a user-specific page based on a cookie value.</p><p>　　2．The Web page is derived from data that changes frequ

49、ently.</p><p>　　If the page changes for every request, then you certainly need to build the response at request time. If it changes only periodically, however, you could do it two ways: you could periodicall

50、y build a new Web page on the server (independently of client requests), or you could wait and only build the page when the user requests it. The right approach depends on the situation, but sometimes it is more convenie

51、nt to do the latter: wait for the user request. For example, a weather report or news hea</p><p>　　3．The Web page uses information from corporate databases or other server-side sources.</p><p>　

52、　If the information is in a database, you need server-side processing even if the client is using dynamic Web content such as an applet. Imagine using an applet by itself for a search engine site:</p><p>　　&

53、quot;Downloading 50 terabyte applet, please wait!" Obviously, that is silly; you need to talk to the database. Going from the client to the Web tier to the database (a three-tier approach) instead of from an applet

54、directly to a database (a two-tier approach) provides increased flexibility and security with little or no performance penalty. After all, the database call is usually the rate-limiting step, so going through the Web ser

55、ver does not slow things down. In fact, a three-tier approach is ofte</p><p>　　In principle, servlets are not restricted to Web or application servers that handle HTTP requests but can be used for other type

56、s of servers as well. For example, servlets could be embedded in FTP or mail servers to extend their functionality. And, a servlet API for SIP (Session Initiation Protocol) servers was recently standardized (see http://j

57、cp.org/en/jsr/detail?id=116). In practice, however, this use of servlets has not caught on, and we'll only be discussing HTTP servlets.</p><p>　　1.3 The Advantages of Servlets Over "Traditional&quo

58、t; CGI</p><p>　　Java servlets are more efficient, easier to use, more powerful, more portable, safer, and cheaper than traditional CGI and many alternative CGI-like technologies.</p><p>　　1．Effi

59、cient</p><p>　　With traditional CGI, a new process is started for each HTTP request. If the CGI program itself is relatively short, the overhead of starting the process can dominate the execution time. With

60、servlets, the Java virtual machine stays running and handles each request with a lightweight Java thread, not a heavyweight operating system process. Similarly, in traditional CGI, if there are N requests to the same CGI

61、 program, the code for the CGI program is loaded into memory N times. With servlets, how</p><p>　　2．Convenient</p><p>　　Servlets have an extensive infrastructure for automatically parsing and de

62、coding HTML form data, reading and setting HTTP headers, handling cookies, tracking sessions, and many other such high-level utilities. In CGI, you have to do much of this yourself. Besides, if you already know the Java

63、programming language, why learn Perl too? You're already convinced that Java technology makes for more reliable and reusable code than does Visual Basic, VBScript, or C++. Why go back to those languages for</p>

64、<p>　　3．Powerful</p><p>　　Servlets support several capabilities that are difficult or impossible to accomplish with regular CGI. Servlets can talk directly to the Web server, whereas regular CGI progr

65、ams cannot, at least not without using a server-specific API. Communicating with the Web server makes it easier to translate relative URLs into concrete path names, for instance. Multiple servlets can also share data, ma

66、king it easy to implement database connection pooling and similar resource-sharing optimizations. Servlets</p><p>　　4．Portable</p><p>　　Servlets are written in the Java programming language and

67、follow a standard API. Servlets are supported directly or by a plugin on virtually every major Web server. Consequently, servlets written for, say, Macromedia JRun can run virtually unchanged on Apache Tomcat, Microsoft

68、Internet Information Server (with a separate plugin), IBM WebSphere, iPlanet Enterprise Server, Oracle9i AS, or StarNine WebStar. They are part of the Java 2 Platform, Enterprise Edition (J2EE; see http://java.sun.com/j2

69、ee</p><p>　　5．Inexpensive</p><p>　　A number of free or very inexpensive Web servers are good for development use or deployment of low- or medium-volume Web sites. Thus, with servlets and JSP you

70、 can start with a free or inexpensive server and migrate to more expensive servers with high-performance capabilities or advanced administration utilities only after your project meets initial success. This is in contras

71、t to many of the other CGI alternatives, which require a significant initial investment for the purchase of a proprietary</p><p>　　Price and portability are somewhat connected. For example, Marty tries to ke

72、ep track of the countries of readers that send him questions by email. India was near the top of the list, probably #2 behind the U.S. Marty also taught one of his JSP and servlet training courses (see http://courses.cor

73、eservlets.com/) in Manila, and there was great interest in servlet and JSP technology there.</p><p>　　Now, why are India and the Philippines both so interested? We surmise that the answer is twofold. First,

74、both countries have large pools of well-educated software developers. Second, both countries have (or had, at that time) highly unfavorable currency exchange rates against the U.S. dollar. So, buying a special-purpose We

75、b server from a U.S. company consumed a large part of early project funds.</p><p>　　But, with servlets and JSP, they could start with a free server: Apache Tomcat (either standalone, embedded in the regular

76、Apache Web server, or embedded in Microsoft IIS). Once the project starts to become successful, they could move to a server like Caucho Resin that had higher performance and easier administration but that is not free. Bu

77、t none of their servlets or JSP pages have to be rewritten. If their project becomes even larger, they might want to move to a distributed (clustered) enviro</p><p><b>　　6．Secure</b></p>&

78、lt;p>　　One of the main sources of vulnerabilities in traditional CGI stems from the fact that the programs are often executed by general-purpose operating system shells. So, the CGI programmer must be careful to filte

79、r out characters such as backquotes and semicolons that are treated specially by the shell. Implementing this precaution is harder than one might think, and weaknesses stemming from this problem are constantly being unco

80、vered in widely used CGI libraries.</p><p>　　A second source of problems is the fact that some CGI programs are processed by languages that do not automatically check array or string bounds. For example, in

81、C and C++ it is perfectly legal to allocate a 100-element array and then write into the 999th "element," which is really some random part of program memory. So, programmers who forget to perform this check open

82、 up their system to deliberate or accidental buffer overflow attacks.</p><p>　　Servlets suffer from neither of these problems. Even if a servlet executes a system call (e.g., with Runtime.exec or JNI) to inv

83、oke a program on the local operating system, it does not use a shell to do so. And, of course, array bounds checking and other memory protection features are a central part of the Java programming language.</p>&l

84、t;p>　　7．Mainstream</p><p>　　There are a lot of good technologies out there. But if vendors don't support them and developers don't know how to use them, what good are they? Servlet and JSP technol

85、ogy is supported by servers from Apache, Oracle, IBM, Sybase, BEA, Macromedia, Caucho, Sun/iPlanet, New Atlanta, ATG, Fujitsu, Lutris, Silverstream, the World Wide Web Consortium (W3C), and many others. Several low-cost

86、plugins add support to Microsoft IIS and Zeus as well. They run on Windows, Unix/Linux, MacOS, VMS, and IBM main</p><p>　　Of course, popularity alone is no proof of good technology. Numerous counter-examples