Twitter GitHub LinkedIn IPND

Stage 4: The Full Stack

  1. Understanding Servers

  2. The Importance of Validating Input

  3. HTML Templates and Abstraction


Understanding Servers

The Request

Your browser sends an HTTP request to the web server after you enter a URL into the browser and the browser looks up the IP address for the domain name entered.

The HTTP request line has the following form:

  • Method Path Version
  • GET HTTP/1.1

Two of the most common methods are GET requests and POST requests. A GET request sends its parameters via the URL (e.g., while a POST request sends its parameters inthe request body, just under the headers (source).

The request line is followed by a number of headers, which provide information about the request. Headers have the form 'name: value'. The value can contain whitespace, however the name cannot. Some examples of headers are:

  • Host:
  • User-Agent: Chrome

Handling the Request

The server receives the HTTP request and processes it. This processing step involves server software deciding which request handler should be executed to handle this request.

A request handler is a program that reads the request and generates HTML for the response based on the information in the request.

The Response

After handling the HTTP request, the server sends an HTTP response to the browser. This response contains the HTML for the requested web page. The response looks very similar to the request.

The status line is the HTTP request line of the HTTP response. The status line has the form:

  • Version Status code Reason phrase
  • HTTP/1.1 200 OK

The status code is a three-digit integer that tells us whether or not the request was satisfied. The first digit (between 1 and 5) defines the class of the status code, where the following meanings are observed (source):

  • 1xx: Informational. Request received, continuing process.
  • 2xx: Success. The action was successfully received, understood, and accepted.
  • 3xx: Redirection. Further action must be taken in order to complete the request.
  • 4xx: Client Error. The request contains bad syntax or cannot be fulfilled.
  • 5xx: Server Error. The server failed to fulfill an apparently valid request.

Like the request line, the status line is followed by a number of headers (e.g. Date, Server (analogous to user agent), Content-Type (e.g. text/html)).

There are two types of responses: static and dynamic. Examples of static responses are pre-written files and images. Dynamic responses are pages built dynamically on the fly by programs called web applications. Web applications live on a web server, speak HTTP, and generate the content that your browser requests.

The browser then renders the HTML contained in the response. This rendering starts before the browser has received the entire HTML document.

The Importance of Validating Input

Input Validation

Web applications are notorious for taking practically any type of input, assuming that it's valid, and processing it further. Not validating input is one of the greatest mistakes that web application developers can make (source).

Input validation means verifying on the server side that we have received what we expected to receive. After checking the input, the form either points out that the user made an error, or assures that the provided data is accurate.


Malicious users can send parameters with arbitrary junk directly to our server, even if the forms on our page limit user input options (e.g. checkbox or dropdown list). This insertion of malformed data can confuse, crash, or make the web application divulge too much information to the attacker. It is important that our server validates input to diffuse these attacks and protect our information.

This page has detailed information on several types of input attacks and their consequences.

User Experience

Input validation is important for user experience because it provides a medium for conversation with users and guides them through the difficult times of errors and uncertainty (source).

HTML escaping is also important for user experience to ensure that the visual structure of the web page is maintained.

HTML Templates and Abstraction

Why Programmers Use Templates

Templates allow for the separation of HTML code from other code (e.g. Python code). This separation makes the code easier to read and maintain.

Templates allow for the modularization of code. Each part of the page (e.g. the head section, a common header/footer, and the body section) can be defined in separate sections and/or files. This modular approach allows programmers to avoid repetition. andrew_R from the Udacity discussion forum has a great anecdote for why templates are useful:andrew_R from the discussion forum discussing templates

How Templates Help Programmers Avoid Repetition

Templates are like an HTML page skeleton. As mentioned above, a template will define certain parts of the page. Other pages can then inherit or extend from that template. This allows the page to inherit everything that was defined in the template plus the content the page itself defines.

Inside of the template files, we can specify locations in the code that change the resulting HTML page depending on the variables we pass into the template. This feature allows us to 1) pass in lists of variable length using for or while loops and 2) use logical statements to pass in variables in some scenarios but not in others.

The Importance of Avoiding Repetition

The name of the programming game is increasing productivity. Avoiding repetition by using templates is important because:

  • It saves the programmer time
  • Less code needs to be written, therefore making it easier to understand when it is being reviewed
  • Less risk of typos and therefore less chance of buggy code

Logged in as: Anonymous
Login wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
like it , such a nice try
May 22, 2018 | 7:05 wrote:
well done
January 5, 2018 | 17:01 wrote:
November 23, 2017 | 8:11 wrote:
June 14, 2017 | 4:06 wrote:
Anybody got this project without his name written all over it ?
May 15, 2017 | 12:05 wrote:
Anybody got this project without his name written all over it ?
May 15, 2017 | 12:05 wrote:
This is awesome but still SUCK DICK
April 10, 2017 | 22:04 wrote:
Suck Dick
April 10, 2017 | 22:04 wrote:
March 2, 2017 | 22:03 wrote:
Damn i've spent like one hour reading all your stuff...and i'm supposed to be studying rn...:(
December 11, 2016 | 9:12 wrote:
October 2, 2016 | 18:10 wrote:
September 29, 2016 | 17:09 wrote:
September 13, 2016 | 4:09 wrote:
If I were a Teenage Mutant Ninja Turtle, now I'd say "Kbguoanwa, dude!"
July 23, 2016 | 14:07
uncle.optimus wrote:
Andrew Chen approves :)
January 21, 2016 | 2:01