We use websites all the time, but how does clicking a link in your browser or typing in a URL in the address bar get you to a website? How does the server know what information you're looking for or how to send you that information once it's figured that out? How can you protect your users from attackers? Dig into this course and you'll be able to answer these questions!
This course will guide you through how a client communicates with a server. You'll learn about HTTP's request and response cycle, dig into HTTP headers and verbs, distinguish HTTP/1 from HTTP/2 capabilities, all while experiencing the importance of security by digging into the details of HTTPS. Throughout the course, you'll learn both security best practices, as well as ways to improve the performance of your web apps. We'll provide you with handcrafted servers where you'll diagnose problematic server setups, issues with SSL certificates, and even have a chance to hack an example bank website to transfer funds.
Why Take This Course? Typically, web developers do not work directly with underlying platform of HTTP. But knowing how information is transferred across the wire is vital to creating efficient and professional apps. This course will dig into the ins and outs of application performance as well as cover common security pitfalls and how to prevent them.
## Lesson 1: HTTP’s Request Response Cycle
Learn about HTTP's request and response cycle. We'll look at the pieces that make up both requests and responses, who originates these requests, and how these messages relate to each other.
## Lesson 2: HTTP/1
Find out how HTTP/1 is used in practice by mapping the requests types from lesson 1 into specific HTTP verbs and the response types into response codes & headers.
## Lesson 3: HTTPS
Discover what the "S" in HTTPS is all about. We'll look at TLS (the successor to SSL), cryptography, Certificate Authorities, and HTTP Mixed Content issues.
## Lesson 4: HTTP/2
Look at the areas where HTTP/2 improves on and extends HTTP/1. We'll also look at different optimizations that were created to handle limitations with HTTP/1 but are now anti-patterns in HTTP/2.
## Lesson 5: Security
Security is the undercurrent throughout this course, but it's so important it also needs its own lesson. We'll look at and resolve common security problems like CORS, CSRF, XSS, and more!
MOOCs stand for Massive Open Online Courses. These arefree online courses from universities around the world (eg. StanfordHarvardMIT) offered to anyone with an internet connection.
How do I register?
To register for a course, click on "Go to Class" button on the course page. This will take you to the providers website where you can register for the course.
How do these MOOCs or free online courses work?
MOOCs are designed for an online audience, teaching primarily through short (5-20 min.) pre recorded video lectures, that you watch on weekly schedule when convenient for you. They also have student discussion forums, homework/assignments, and online quizzes or exams.
David Baldiecompleted this course, spending 4 hours a week on it and found the course difficulty to be medium.
It starts out very basic, covering stuff you likely already know. Then it ramps up when you get to http2, and spends a good amount of time on security towards the end. Each section is pretty short with a quick video or 2 followed by short quiz. The quizzes are usually just 1 question, but require you to do a good amount of work. You can tell they've done their prep work as the quizzes are made pretty well. There are a couple of answers that you'll probably not get (others have had difficulty as well, as you might see in the forums for this course). Overall, I learned a decent amount and reinforced a lot of what I did know.