Summary

We use websites all the time, but how does clicking a link in your browser or typing in a URL in the address bar get you to a website? How does the server know what information you're looking for or how to send you that information once it's figured that out? How can you protect your users from attackers? Dig into this course and you'll be able to answer these questions!

This course will guide you through how a client communicates with a server. You'll learn about HTTP's request and response cycle, dig into HTTP headers and verbs, distinguish HTTP/1 from HTTP/2 capabilities, all while experiencing the importance of security by digging into the details of HTTPS. Throughout the course, you'll learn both security best practices, as well as ways to improve the performance of your web apps. We'll provide you with handcrafted servers where you'll diagnose problematic server setups, issues with SSL certificates, and even have a chance to hack an example bank website to transfer funds.

Expected Learning

Typically, web developers do not work directly with underlying platform of HTTP. But knowing how information is transferred across the wire is vital to creating efficient and professional apps. This course will dig into the ins and outs of application performance as well as cover common security pitfalls and how to prevent them.

Syllabus

Learn about HTTP's request and response cycle. We'll look at the pieces that make up both requests and responses, who originates these requests, and how these messages relate to each other.

Find out how HTTP/1 is used in practice by mapping the requests types from lesson 1 into specific HTTP verbs and the response types into response codes & headers.

Discover what the "S" in HTTPS is all about. We'll look at TLS (the successor to SSL), cryptography, Certificate Authorities, and HTTP Mixed Content issues.

Look at the areas where HTTP/2 improves on and extends HTTP/1. We'll also look at different optimizations that were created to handle limitations with HTTP/1 but are now anti-patterns in HTTP/2.

Security is the undercurrent throughout this course, but it's so important it also needs its own lesson. We'll look at and resolve common security problems like CORS, CSRF, XSS, and more!

Required Knowledge

We expect that you are comfortable reading and writing HTML, CSS and JavaScript. Knowledge of JavaScript's Fetch API is not required but will be beneficial. Check out our JavaScript Promises course to learn about Fetch.

Other Requirements:

• comfort with command line tools

See the technology requirements for using Udacity.