fix content on module1 r1 to r3.4 based on review

Author: Shrreya

module1-introduction-to-backend/r1-introduction-to-backend/README.md

@@ -15,21 +15,27 @@ The frontend of a website is the visible part that users interact with. It is al
 
 A frontend developer is responsible for writing and maintaining the code for the user interface of the website and the architecture and functionality for the user experience of the website. Frontend developers must be competent in HTML, CSS and Javascript as their foundation along with one or more modern frameworks like ReactJS, AngularJS, VueJS, EmberJS, BackboneJS, Foundation or Svelte. They also work with UI libraries like Sass, Bootstrap, Tailwind, React Bootstrap, Material UI, Ant Design and Semantic UI and tools like Babel, Webpack, Gatsby.
 
-Frontend developers are sometimes seen as a combination of a user interface designer, user experience designer and software developer – someone who appreciates the aesthetic, usability as well as functionality of an application. They care about delivering the features and functionalities, but they also go the extra mile to ensure the user interface is aesthetically pleasing and the experience is seamless. A great frontend developer is not only proficient in programming but also good at empathising with the end users.<br/><br/><img src="https://drive.google.com/uc?export=view&id=1EiN2DOjCpmS05ZLyrT73kVhM34Ne0S5-"><br/><br/>
+Frontend developers are sometimes seen as a combination of a user interface designer, user experience designer and software developer – someone who appreciates the aesthetic, usability as well as functionality of an application. They care about delivering the features and functionalities, but they also go the extra mile to ensure the user interface is aesthetically pleasing and the experience is seamless. A great frontend developer is not only proficient in programming but also good at empathising with the end users.
+
+<img src="https://drive.google.com/uc?export=view&id=1EiN2DOjCpmS05ZLyrT73kVhM34Ne0S5-" width="70%">
 
 ### What is a Backend Developer?
 But where does all the data to be displayed on the frontend come from? How is a website personalized for the logged in user? This is where the backend comes in. The backend of a website consists of a server, an application, and a database.
 
-A backend developer builds and maintains the code that powers those components which together enable the user-facing side of the website to even exist in the first place. Backend developers must be competent with one or more server-side languages such as NodeJS, Ruby, Python, PHP or Java, frameworks like ExpressJS, Ruby on Rails, Python Django and databases like MySQL, PostgreSQL or MongoDB. They are also familiar with Linux as a deployment environment and DevOps tools like AWS, GCP, Apache, Nginx, Docker and Kubernetes.
+A backend developer builds and maintains the code that powers those components which together enable the user-facing side of the website to even exist in the first place. Backend developers must be competent with one or more server-side languages such as JavaScript (Node.js), Ruby, Python, PHP or Java, frameworks like ExpressJS, Ruby on Rails, Python Django and databases like MySQL, PostgreSQL or MongoDB. They are also familiar with Linux as a deployment environment and DevOps tools like AWS, GCP, Apache, Nginx, Docker and Kubernetes.
+
+Backend developers need to be able to navigate across larger codebases and not get lost in the complexities of what may seem like programming labyrinths. They also need to be very meticulous when making changes to not "break" anything as there are usually delicate dependencies. Even frontend codebases are large and complex with delicate dependencies, but unlike frontend development where the written code translates directly to visual output one can see and interact with, backend development of business logic is often hard to visualise. Therefore to be a good backend developer, you need to be comfortable with dealing with abstracts.
 
-Backend developers need to be able to navigate across larger codebases and not get lost in the complexities of what may seem like programming labyrinths. They also need to be very meticulous when making changes to not "break" anything as there are usually delicate dependencies. Finally, unlike frontend development where the written code translates directly to visual output one can see and interact with, backend development of business logic is often hard to visualise. Therefore to be a good backend developer, you need to be comfortable with dealing with abstracts.<br/><br/><img src="https://drive.google.com/uc?export=view&id=1PkIrF_pNnGbX1NiW-q1JIKokql1v4FI7"><br/><br/>
+<img src="https://drive.google.com/uc?export=view&id=1PkIrF_pNnGbX1NiW-q1JIKokql1v4FI7" width="50%">
 
 ### What is a Fullstack Developer?
 A jack of all trades? Pretty much! Often there isn't a black-and-white distinction between frontend and backend development. Frontend developers sometimes need to understand backend concepts like how REST APIs work and backend developers sometimes need to understand how components are rendered with data in their state.
 
 The role of a fullstack developer was popularized by Facebook’s engineering department. The idea is that a fullstack developer can work cross-functionally on the full "stack" of technology, both the frontend and backend. They are capable of performing both frontend and backend tasks and have a complete understanding of how a web application works, and how the "front" and the "back" are connected. They can build a complete web application on their own. In the current digital economy, companies are looking for such cross-discipline developers or generalists.
 
-To be a good fullstack developer, you need to be comfortable with dealing with abstracts as well as empathising with end users. Good fullstack developers also need to know when to wear which hat to work effectively and efficiently because there will always be division of responsibilities.<br/><br/><img src="https://drive.google.com/uc?export=view&id=13hdTlUW0tk0J91wV-r7ruPX7uATpt9pe"><br/><br/>
+To be a good fullstack developer, you need to be comfortable with dealing with abstracts as well as empathising with end users. Good fullstack developers also need to know when to wear which hat to work effectively and efficiently because there will always be division of responsibilities
+
+<img src="https://drive.google.com/uc?export=view&id=13hdTlUW0tk0J91wV-r7ruPX7uATpt9pe" width="50%">
 
 ## Backend web architecture
 Let's start diving deeper into what do we mean when we say frontend and backend. The frontend is the code that is executed on the client side. This code runs in the user’s browser and creates the user interface. The backend is the code that runs on the server, receives requests from the clients, and contains the logic to send the appropriate data back to the client. The backend also includes the database, which will persistently store all of the data for the application.
@@ -39,13 +45,19 @@ The clients are entities that send requests to the backend. They are often brows
 
 ### What is a backend?
 The backend is all of the technology required to process the incoming request and generate and send the response to the client. This typically includes three major parts:
-- The server. This is the computer that receives requests.
-- The app. This is the application running on the server that listens for requests, retrieves information from the database, and sends a response.
+- The server. This is the computer that receives requests and sends responses.
+- The app. This is the application running on the server that processes the requests, retrieves information from the database, and sends a response.
 - The database. Databases are used to organize and persist data.
 
 ### What is a server?
 A server is simply a computer that listens for incoming requests. Though there are machines made and optimized for this particular purpose, any computer that is connected to a network can act as a server. In fact, you will often use your very own computer as server when developing apps.
 
+The term "server" is also very often used to refer directly to the backend application running on the server. For example, if we build a backend application to manage the student data of a university, we can refer to it as the student server. When you hear a developer say "the sever has crashed", they could either mean the backend application has crashed due to an error in the code or the server running the application has crashed due to a hardware issue.
+
+Frontends also have servers. Technically when you build a website or a web application, you will be hosting it on a service like Netlify or Heroku, which means it will live on a server. However, each time a new user visits this site from their browser, the server will send the HTML to the user's browser where it will then start running as a client.
+
+Once we start building our backend applications we will observe the use of this term more in action.
+
 ### What kinds of responses can a server send?
 The data that the server sends back can come in different forms. For example, a server might serve up an HTML file, send data as JSON, or it might send back only an HTTP status code. You’ve probably seen the status code "404 - Not Found" whenever you’ve tried navigating to a URI that doesn’t exist, but there are many more status codes that indicate what happened when the server received the request.
 

module1-introduction-to-backend/r1.1-beginners-guide-nodejs-npm/README.md

@@ -4,7 +4,9 @@ We will be working in the Node.js and NPM environment throughout this bootcamp.
 2. Advantages of Node.js and why this course is focussed on Node.js
 
 ## Introduction to Node.js
-Is it a programming language? Is it a library? No, it's Node.js. In simple words, Node.js is nothing but JavaScript running on the server-side and it’s awesome.<br/><br/><img src="https://drive.google.com/uc?export=view&id=1oaHgcGKcrKbW6G-gFsncV95WhVmc40M7"><br/><br/>
+Is it a programming language? Is it a library? No, it's Node.js. In simple words, Node.js is nothing but JavaScript running on the server-side and it’s awesome.
+
+<img src="https://drive.google.com/uc?export=view&id=1oaHgcGKcrKbW6G-gFsncV95WhVmc40M7">
 
 But to be specific, Node.js is an open-source, cross-platform, backend JavaScript runtime environment that runs on the V8 engine and executes JavaScript code outside a web browser.
 
@@ -45,7 +47,9 @@ Firstly, though `.js` is the standard filename extension for JavaScript code, th
 4. **Single-threaded**: Node.js makes use of a single-threaded model with event looping. As a result, it can provide service to a much larger number of concurrent connections than traditional servers like Apache HTTP Server.
 5. **Highly scalable**: Node.js server responds in a non-blocking way, making it highly scalable in contrast with traditional servers, which create limited threads to handle requests.
 
-Node.js is written with C, C++ and JavaScript and uses libuv underhood to handle asynchronous events. Libuv is an abstraction layer for network and file system functionality on the OS.<br/><br/><img src="https://drive.google.com/uc?export=view&id=18ys74BkK9tzQ6u8avgVw9seweoXY6GnA"><br/><br/>
+Node.js is written with C, C++ and JavaScript and uses libuv underhood to handle asynchronous events. Libuv is an abstraction layer for network and file system functionality on the OS.
+
+<img src="https://drive.google.com/uc?export=view&id=18ys74BkK9tzQ6u8avgVw9seweoXY6GnA" width="60%">
 
 ### NPM and Packages in Node.js
 One of the major factors of Node's success is npm - its popular package manager, which allows JavaScript developers to share useful packages quickly and easily. NPM – or "Node Package Manager" – is the default package manager for JavaScript's runtime Node.js. NPM consists of two main parts:

module1-introduction-to-backend/r2-http-and-rest/README.md

@@ -43,12 +43,48 @@ HTTP/1.1 404 NOT FOUND
 ```
 In this case, the server identifies that it understands the HTTP protocol, but the 404 NOT FOUND status code signifies that the specific piece of content requested was not found. This might happen if the content was moved or if you typed in the URL path incorrectly or if the page was removed.
 
-You can also try to explore this on your browser. If you're using Google Chrome, open a new tab, right click and select "Inspect". This opens up the developer console of the browser. From the top menu on this console, select "Network". Now type https://www.re-coded.com/ in your browser bar and hit Enter. You will see a bunch of requests processed in the Network tab as the website loads. If you navigate to the top most request, you should be able to see the request and response headers we just talked about.<br/><br/><img src="https://drive.google.com/uc?export=view&id=1SJPdV6-75u8iTr5xrlMGGb5IgGeH9nn9"><br/><br/>
+You can also try to explore this on your browser. If you're using Google Chrome, open a new tab, right click and select "Inspect". This opens up the developer console of the browser. From the top menu on this console, select "Network". Now type https://www.re-coded.com/ in your browser bar and hit Enter. You will see a bunch of requests processed in the Network tab as the website loads. If you navigate to the top most request, you should be able to see the request and response headers we just talked about.
+
+<img src="https://drive.google.com/uc?export=view&id=1SJPdV6-75u8iTr5xrlMGGb5IgGeH9nn9">
 
 ### What is HTTPS?
-Since your HTTP request can be read by anyone at certain network junctures, it might not be a good idea to deliver information such as your credit card or password using this protocol. Fortunately, many servers support HTTPS, short for HTTP Secure, which allows you to encrypt data that you send and receive.
+Hypertext Transfer Protocol Secure (HTTPS) is the secure version of HTTP. HTTPS uses encryption in order to increase security of data transfer. This is particularly important when users transmit sensitive data, such as by logging into a bank account, email service, or health insurance provider.
+
+In modern web browsers such as Chrome, websites that do not use HTTPS are marked differently than those that are. Look for a padlock or similar indicator in the URL bar to signify the webpage is secure.
+
+<img src="https://drive.google.com/uc?export=view&id=1NkvHiapLP2dMtFXWe-Q6SAVyJ-1UFdPf">
+
+<img src="https://drive.google.com/uc?export=view&id=1EV6uPQJz3SPo2wy5NqUj0gy3Fm_75RX9" width="50%">
+
+HTTPS uses an encryption protocol called [Transport Layer Security (TLS)](https://en.wikipedia.org/wiki/Transport_Layer_Security), formerly known as Secure Sockets Layer (SSL). This protocol secures communications by using what’s known as an asymmetric public key infrastructure. This type of security system uses two different keys to encrypt communications between two parties:
+1. **Private key**: This key is controlled by the owner of a website and it’s kept, as the reader may have speculated, private. This key lives on a web server and is used to decrypt information encrypted by the public key.
+2. **Public key**: This key is available to everyone who wants to interact with the server in a way that’s secure. Information that’s encrypted by the public key can only be decrypted by the private key.
+
+HTTPS prevents websites from having their information broadcast in a way that’s easily viewed by anyone snooping on the network. When information is sent over regular HTTP, the information is broken into packets of data that can be easily “sniffed” using some software tools. This makes communication over an unsecure medium, such as public WiFi in a cafe, highly vulnerable to interception. In fact, all communications that occur over HTTP occur in plain text, making them highly accessible to anyone with the correct tools, and vulnerable to on-path attacks.
+
+With HTTPS, traffic is encrypted such that even if the packets are sniffed or otherwise intercepted, they will come across as nonsensical characters.
+
+**Before encryption**
+```
+This is a string of text that is completely readable
+```
+
+**After encryption**
+```
+ITM0IRyiEhVpa6VnKyExMiEgNveroyWBPlgGyfkflYjDaaFf/Kn3bo3OfghBPDWo6AfSHlNtL8N7ITEwIXc1gU5X73xMsJormzzXlwOyrCs+9XCPk63Y+z0=
+```
+
+In websites without HTTPS, it is possible for Internet service providers (ISPs) or other intermediaries to inject content into webpages without the approval of the website owner. This commonly takes the form of advertising, where an ISP looking to increase revenue injects paid advertising into the webpages of their customers. Unsurprisingly, when this occurs, the profits for the advertisements and the quality control of those advertisements are in no way shared with the website owner. HTTPS eliminates the ability of unmoderated third parties to inject advertising into web content.
+
+### How is HTTPS different from HTTP?
+Technically speaking, HTTPS is not a separate protocol from HTTP. It is simply using TLS/SSL encryption over the HTTP protocol. HTTPS occurs based upon the transmission of TLS/SSL certificates, which verify that a particular provider is who they say they are.
+
+When a user connects to a webpage, the webpage will send over its SSL certificate which contains the public key necessary to start the secure session. The two computers, the client and the server, then go through a process called an SSL/TLS handshake, which is a series of back-and-forth communications used to establish a secure connection. To take a deeper dive into encryption and the SSL/TLS handshake, you can read about what happens in a [TLS handshake](https://www.cloudflare.com/en-in/learning/ssl/what-happens-in-a-tls-handshake/).
+
+### How does a website start using HTTPS?
+For an SSL certificate to be valid, domains need to obtain it from a certificate authority (CA). A CA is an outside organization, a trusted third party, that generates and gives out SSL certificates. Many website hosting providers and other services offer free or paid TLS/SSL certificates. You can read more about SSL certificates [here](https://www.cloudflare.com/learning/ssl/what-is-an-ssl-certificate/).
 
-HTTPS is important to use when passing sensitive or personal information to and from websites. However, it is up to the businesses maintaining the servers to set it up. In order to support HTTPS, the business must apply for a certificate from a Certificate Authority. The certificate has a validity period and must be renewed from time-to-time to keep the secure services running.
+Once you have obtained the SSL certificate for your website, you can configure it on your server and enable it to communicate over port 443, which is the port for HTTPS communication over TCP.
 
 ### What is an API?
 API stands for application programming interface, which is a set of definitions and protocols for building and integrating application software. APIs let your product or service communicate with other products and services without having to know how they’re implemented. APIs are sometimes thought of as contracts, with documentation that represents an agreement between parties: If party 1 sends a remote request structured a particular way, this is how party 2’s software will respond.
@@ -96,4 +132,5 @@ In simplest words, in the REST architectural style, data and functionality are c
 - https://www.redhat.com/en/topics/api/what-is-a-rest-api
 - https://www.redhat.com/en/topics/api/what-are-application-programming-interfaces
 - https://www.codecademy.com/articles/what-is-rest
-- https://restfulapi.net/
+- https://restfulapi.net/
+- https://www.cloudflare.com/en-in/learning/ssl/what-is-https/