What is web application?
Web application is a collection of scripts
The definition from the article "Penetration Testing for Web Applications (Part One)" (Jody Melbourne and David Jorm via Symantec).
"A Web application is an application, generally comprised of a collection of scripts, that reside on a Web server and interact with databases or other sources of dynamic content.
They are fast becoming ubiquitous as they allow service providers and their clients to share and manipulate information in an (often) platform-independent manner via the infrastructure of the Internet.
Some examples of Web applications include search engines, Webmail, shopping carts and portal systems.
Web applications typically interact with the user via FORM elements and GET or POST variables (even a 'Click Here' button is usually a FORM submission).
With GET variables, the inputs to the application can be seen within the URL itself, however, with POST requests it is often necessary to study the source of form-input pages (or capture and decode valid requests) in order to determine the users inputs".
An example HTTP request that might be provided to a typical Web application. Every element of this request can potentially be used by the Web application processing the request. The REQUEST-URI identifies the unit of code that will be invoked along with the query string: a separated list of &variable=value pairs defining input parameters. This is the main form of Web applications input. The Session-ID header provides a token identifying the client's established session as a primitive form of authentication. The Host header is used to distinguish between virtual hosts sharing the same IP address and will typically be parsed by the Web server, but is, in theory, within the domain of the Web application.
Web application is a software application
The definition below is from the article "Web Application Scanners: Definitions and Functions" (Proceedings of Hawaii International Conference on System Sciences).
"The Web Application Security Consortium (WASC) defines a web application as “a software application, executed by a web server, which responds to dynamic web page requests over HTTP.”
A web application is comprised of a collection of scripts, which reside on a web server and interact with databases or other sources of dynamic content.
Using the infrastructure of the Internet, web applications allow service providers and clients to share and manipulate information in a platform-independent manner.
Some of the broad categories of web application technologies are communication protocols, formats, server-side and client-side scripting languages, browser plug-ins, and web server API.
A web application has a distributed n-tiered architecture. Typically, there is a client (web browser), a web server, an application server (or several application servers), and a persistence (database) server".
A simplified view of a web application There may be a firewall between web client and web server. Source: samate.nist.gov/docs/wa_paper.pdf
Web application is a program
The definition below is from the article "Java Technologies for Web Applications" (Oracle Technology Network).
"Web applications are programs that run on more than one computer and communicate through a network or server.
Specifically, web applications are accessed with a web browser and are popular because of the ease of using the browser as a user client.
For the enterprise, the ability to update and maintain web applications without deploying and installing software on potentially thousands of client computers is a key reason for their popularity. Web applications are used for webmail, online retail sales, discussion boards, weblogs, online banking, and more. One web application can be accessed and used by millions of people.
Web applications are made up of many parts and often contain mini-programs, some of which have user interfaces, and some of which do not require a graphical user interface (GUI) at all.
A web application can be as simple as a page that shows the current date and time or as complex as a set of pages on which you can look up and book the most convenient flight, hotels, and car rentals for your next vacation".