The course, taught in English in the second semester of the first year of the Master of Science in Cybersecurity, aims at presenting the main techniques for creating distributed web applications, focusing in particular on front-end programming, using the JavaScript language and a client-side programming framework. The main programming paradigms useful for the front-end of a modern web application will be considered, both by analyzing their impact in terms of native JavaScript code, and by studying the approaches provided by a dominant framework. The presentation of these topics will enable the student to gain the basic skills to manage the main design choices within the mentioned topics, with additional attention to security aspects of browser-based web applications.
- Knowledge of the main aspects of HTML, CSS, modern JavaScript
- Ability to use JavaScript at an advanced level for creating web applications at the front-end layer.
- Basic knowledge of a framework for creating web applications in JavaScript
- Ability to create complete web applications, also in the “single page application” modality, by using a simple back-end API server.
- Knowledge of the security risks in the development of browser-based web applications and the ability to enforce and implement best practices to mitigate such issues.
- Understanding of the main issues regarding robustness, interoperability, and performance of the studied applications.
- Ability to program in procedural languages and object-oriented languages, and corresponding debugging skills.
- Basic knowledge of HTML.
- Basic knowledge of web architectures and of the HTTP protocol
- Basic understanding of public-key cryptography, digital signature and certificates
- Practical skills with relational databases and SQL
- Recall of web architectures, HTML5, CSS.
- Complex layouts, CSS frameworks. Notions of web design.
- JavaScript as a language. Variables and objects. Execution in the browser and in Node.js.
- Handling forms and tables. DOM. Events. Callbacks. Closures.
- Web servers and ExpressJS. Package managers and related security issues.
- JSON. HTTP API. Asynchronous programming (async/await, Promise, Fetch).
- Single Page Applications. Reactive programming. Introduction to ReactJS.
- React applications. Components. JSX.
- Identification, authentication and API authorization mechanisms. Tokens, signatures, server-side validation.
- Architecture of a complex application. Event routing. State management.
- Web-related security issues and best practices.
- Deployment and publication of applications.
- Application examples.
In addition to classes, which include both lectures and classroom exercises (5.3 credits), the course includes laboratory exercises (2.7 credits) on the application of the presented techniques. In the laboratories, students apply the techniques learnt during the classes by incrementally building a web application of increasing complexity. During the labs, the students will discuss their solutions to the assigned exercises with the teachers. The lab material will be managed through a Git-based platform.
The teacher will provide the material (copy of slides and links to online resources) on the website of the course. Many useful resources are also freely available on the web (https://developer.mozilla.org, https://reactjs.org/, https://javascript.info/, etc.).
Some suggested textbooks for personal in-depth study:
- M. Haverbeke, Eloquent JavaScript (https://eloquentjavascript.net/)
- A. Accomazzo, A. Lerner, N. Murray, C. Allsopp, D. Guttman, T. McGinnis, Fullstack React, 2019
Lecture slides; Lab exercises with solutions; Video lectures (current year);
Exam: Compulsory oral exam; Individual project;
Exam modality: development of an individual project and oral discussion. The exam verifies the expected knowledge and practical skills described above through a practical project (to be implemented individually), followed by an oral discussion. The project consists of creating a web application using the knowledge gained in the course. For the test, an exercise will be assigned 20 days in advance of each exam date. Only students who submit their solution before the deadline are admitted to the oral test. The teacher evaluates the web application by verifying its functionality and the adopted programming techniques, with particular attention to security practices, according to a checklist that depends on the test. The student's detailed knowledge of the submitted source code is checked during the oral test, along with his/her ability to discuss the project in light of the course topics. The whole process of project assignment, development, and submission will be managed through the GitHub platform. The oral check will be performed in a classroom or in a lab.
Exam modality: development of an individual project and oral discussion. The exam aims to verify the ability to understand the main issues regarding robustness, interoperability, security risks and performance of web applications, in particular when developed in the form of “single page application”, also considering the implications of such issues on the server side. The exam consists of the development of a practical project (to be implemented individually), followed by an oral discussion. The project consists of creating a web application using the knowledge gained in the course. For the test, an exercise will be assigned 20 days in advance of each exam date. Only students who submit their solution before the deadline are admitted to the oral test. The teacher evaluates the web application by verifying its functionality and the adopted programming techniques, with particular attention to security practices, according to a checklist that depends on the test. The student's detailed knowledge of the submitted source code is checked during the oral test, along with his/her ability to discuss the project in light of the course topics. The whole process of project assignment, development, and submission will be managed through the GitHub platform. The oral check will be performed in a classroom or in a lab. There is no separate evaluation of project and oral exam since the oral exam is only meant to discuss the project, which is the objective of the evaluation.
In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.