- Knowledge of the main aspects of HTML, CSS, and modern JavaScript - Ability to use JavaScript at an advanced level to create web applications at the front-end layer. - Basic knowledge of a framework for creating web applications in JavaScript - The ability to create complete web applications in the “single page application” modality, also developing a simple back-end API server. - Knowledge of the security risks in developing browser-based web applications and the ability to enforce and implement best practices to mitigate such issues, both on client and server sides. - Knowledge of the main issues regarding robustness, interoperability, and performance of the studied applications, and their applicable best practices.

- Ability to program in procedural and object-oriented languages and corresponding debugging skills. - Basic knowledge of HTML. - Basic knowledge of web architectures and the HTTP protocol. - Basic understanding of public-key cryptography, digital signatures, and certificates. - Practical skills with relational databases and SQL.

- Recall of web architectures, HTML5, CSS. - Complex layouts, CSS frameworks. Notions of web design. - JavaScript as a language. Variables and objects. Execution in the browser and nodejs. - DOM. Events. Callbacks. Closures. - Web servers and ExpressJS. Package managers and related security issues. - JSON. HTTP API. Asynchronous programming (async/await, Promise, Fetch). - Single Page Applications. Introduction to ReactJS. - React applications. Components. JSX. Handling forms and tables. - Identification, authentication, and API authorization mechanisms. Server-side validation. - Architecture of a complex application. State management. - Web-related security issues and best practices. - Application examples.

Most of the communications between teachers and students will happen, for convenience, through instant messaging systems (for instance, a Telegram group).

In addition to classes, including both lectures and exercises in the classroom (5.3 credits), the course includes laboratory exercises (2.7 credits) on the application of the presented techniques. The laboratories will consist of applying the techniques learnt during the classes by incrementally building a web application of increasing complexity, similarly to what will be done by the teacher on another web application example, whose code will promptly shared with the student at the end of each lecture through a Git-based platform. The students will be able to discuss their solutions to the assigned exercises during the labs with the teachers. Also the lab material will be managed through a Git-based platform. Laboratories will be held in regular lecture rooms, and the students are expected to work on their own computers. Optionally, the activities will be carried out with particular attention to innovative teaching methodologies that, when employed, will be adequately presented to the students during the course, including how they will potentially and eventually contribute to the final mark. For example, the activities could include experimentation with code generated using machine learning approaches (e.g., LLM-based), followed by a critical evaluation by students and/or groups or a teacher-guided cross-group assessment of the outcome of laboratory activities.

The teacher will provide the material (copy of slides and links to on-line resources) on the website of the course. Many useful resources are also freely available on the web (https://developer.mozilla.org, https://reactjs.org/, https://javascript.info/, etc). Some suggested textbooks for personal in-depth study: - M. Haverbeke, Eloquent Javascript (https://eloquentjavascript.net/) - A. Accomazzo, A. Lerner, N. Murray, C. Allsopp, D. Guttman, T. McGinnis, Fullstack React, 2019

Lecture slides; Lab exercises with solutions; Video lectures (current year);

You can take this exam before attending the course

Exam: Compulsory oral exam; Individual project;

Exam modality: development of an individual project and oral discussion. The exam is aimed at verifying the ability to understand the main issues regarding robustness, interoperability, security risks, and performance of web applications, in particular when developed in the form of a “single page application”, also considering the implications of such issues on the server side. The exam consists of developing a practical project (to be implemented individually), followed by an oral discussion. Automatic similarity checks will be run offline after project submission. In case of high similarity, after a manual review assessment by the teacher, the submissions might be voided. The project consists of creating a web application using the knowledge gained in the course. For the test, an exercise will be assigned 20 days in advance of each exam date. Only students who submit their solutions before the deadline are admitted to the oral test. The teacher evaluates the web application by verifying its functionality and the adopted programming techniques, with particular attention to security practices, according to a checklist that depends on the test. The detailed knowledge of the submitted source code by the student is checked during the oral test, alongside their ability to discuss the project in light of the course topics. It is not forbidden to utilize AI coding assistance, but the student must declare it, and he/she still has 100% responsibility for the knowledge, understanding and capacity to explain the code. If it emerges that the student does not have mastery of the written code and underlying design, the exam will be immediately canceled, without a numerical evaluation. The oral discussion will last 20-30 minutes, and will be taken in a classroom or a laboratory. Note that since it is an oral discussion, due to the number of student involved, a schedule will be prepared the day after the submission deadline, i.e., after similarity checks have been run. The actual oral discussion usually take place in the days following the official exam date. If unsure, contact the teacher well in advance for advice, in particular before booking tickets etc. There is no separate evaluation of the project and oral exam since the oral exam is only meant to discuss the project, which is the objective of the evaluation. The exam score will be on a scale of 30 points. This part already allows achieving the maximum mark (i.e., cum laude) if the project has been developed in a clear and correct manner, it is deemed to have exceptional quality, and the discussion has been particularly brilliant. If optional innovative teaching activities are activated in the corresponding academic year (as described in the course organization section), some additional points on the final mark might be available for the students who took part in them. The detailed rules will depend on the specific activity, which could be different for each year, and will be promptly communicated to the students before the activities themselves.

In addition to the message sent by the online system, students with disabilities or Specific Learning Disorders (SLD) are invited to directly inform the professor in charge of the course about the special arrangements for the exam that have been agreed with the Special Needs Unit. The professor has to be informed at least one week before the beginning of the examination session in order to provide students with the most suitable arrangements for each specific type of exam.