CS50 2017 – Lecture 6 – HTTP

this is CS50 and this is lecture 6 and as you
may recall, today we begin to transition away from
this low-level world of C and command line programming
into to a domain that’s probably a little more familiar,
that of the web, and yet all the ideas that we’ve been exploring
thus far like functions and loops and conditions and so forth
are still going to be relevant. It’s just we’re going to start using
slightly different syntax and the user interface, or UI, is now going
to be your browser instead of a black and white terminal window
with just a simple textual prompt, but how did we get here? Well, recall that we’ve
looked recently at structs and what was nice about structs
in C was that we had the ability to make our own custom data types
and to kind of encapsulate together related data, and that
became pretty powerful when it came time for forensics to
actually manipulate bitmap files or JPEGs, and even though this
struct is way more complicated than a student structure,
at the end of the day it’s just individual data types
that are all somehow interrelated, and by putting them in a struct
you can move them all around and copy them and save them all
together as you might have done as well, but then most recently did we
introduce a somewhat fancier structure, which is still the same idea. It’s got like one or
more things inside of it, but now, more powerfully,
one of those things had this star or asterisk, which gave
us, of course, a pointer or an address, but what was so powerful about
this simple idea and this seemingly simple symbol is that now we can kind
of stitch together in our computer’s memory any kind of structure we want. It doesn’t have to just be one entity. It can somehow be linked
to another and you can keep linking these structures
together as well, and this of course was an improvement on perhaps our
simplest of data structures early on, an array or a list,
but of course, as soon as you have pointers can you
begin to link things together until we got something like this
and perhaps now with the dictionary implementation you yourself might be
exploring a linked list, a hash table, a [? try ?] or some variant in between. And then lastly, there was this
painting of a picture, whereby this is your computer’s memory
put a little more descriptively, and this is germane only
insofar as your computer uses different chunks of memory differently. All of your function calls
end up using the stack. All of your users of
malloc and its cousins end up using the heap, and then
of course there’s this up here, and what was the text segment,
which we didn’t really dwell on? What was the text segment all about? Text– you’re being volunteered. Yes, what’s the text segment? AUDIENCE: Files information? DAVID J. MALAN: Files information, yeah. Specifically, the 0s and 1s
that compose the actual program. So when you compile your source
code, like hello.c, into 0s and 1s, those end up getting stored
in this location in memory while the program is running. So long-term they’re stored on disk or
your hard drive or whatever’s inside of the computer or the server so that
the files persist even when the power goes off or you walk
away from the keyboard, but as soon as you double click a
program on your Mac or PC or as soon as you do ./hello or
some command like that, those same 0s and 1s get loaded
into your computer’s RAM, the picture we keep showing, and that’s
where they live while they’re in use by your Mac or PC or the actual server, but thus far we’ve been running all
of these programs with something like ./hello or some similar command and
running them just in the so-called terminal window. But you are probably
most familiar, certainly with more graphical apps
on your phones these days and any time you visit a
web browser on your phone or on your desktop or laptop, you’re
still interacting with a program. It’s just that program is not
only running on your Mac or PC. Your browser is, like Chrome
or Edge or Firefox or Safari or whatever it is you use. That’s running on your
Mac or PC, but what you’re communicating with
is a program elsewhere, somewhere else on the internet and
those programs are called web servers. A web server is just a piece of
software that some human or humans wrote and their purpose in life
is to serve web pages. When you request the
homepage of Facebook, there is a server out there,
a program someone wrote, that essentially spits out the 0s and
1s that compose Facebook’s homepage, but nicely enough, those 0s and
1s are not written as 0s and 1s by Facebook engineers. They’re actually written as
something a little more English-like, a little more familiar, and it’s
not even programming code, per se. It’s what’s called markup language,
and we’ll soon see that and more today. So we’ve gone from compiling
your code and running it like this to actually doing
that in a web-based environment, but of course, when you’re running your
own programs in CS50 IDE down here, you’re actually using
another piece of software that fills the screen, CS50IDE, a.k.a. Cloud9, which is the program essentially
running somewhere in the cloud. And we’ll start to make this
distinction and through examples will the distinction among these
different types of software begin to make sense, but where is
something like CS50IDE running? Where is Facebook running? Where is Google.com running? Well, back in 1998, Google.com
was running on this. This was Larry and Sergey, the founders
of Google’s, very first implementation, apparently, of their
first rack of servers. So servers are generally stored
literally in a rack like this. It’s usually like 19
inches wide by convention and you just stack computer on top
of computer on top of computer, but things were very bare
bones back in the day of Google and so there weren’t
even plastic or metal cases around a lot of their computers. They were trying to minimize cooling,
minimize cost, presumably, and cram as much hardware into that
footprint as they could, and so you actually see a
lot of the wires and hardware kind of sticking out, and this
is on display now out west. Of course these days, fast forward
just a decade or two, and this is one of Facebook’s data centers
where it’s the exact same idea, but much fancier, much prettier,
much better lit servers, but who serve, at the end of
the day, the exact same role. There are bunches of servers
around the world that are just sitting there waiting
for you on the internet to make a request for a
homepage, for an email, for any other type of
information so that it ends up getting sent from server to client. And in fact, if you’ve ever thought
about those words server and clients, which is probably the
lesser used of the two, but a server-client relationship is what
you have when you go into a restaurant, and you ask the waiter or
waitress for something to eat. He or she brings something back
to you, thereby serving you, the client, and the relationship on
the web is pretty much the same thing. We are the clients. Our browsers are the
clients and out there are servers like these who are
serving up content and information, such as on Facebook. So let’s consider how all
this data even gets to us. So odds are, these days, if you want
to visit Facebook.com on your laptop or desktop or phone without
using the app, you probably just type in Facebook.com and hit Enter. If you’re a little older
school or literally older, you might just actually type out
the entirety of www.Facebook.com. Both work and there are technical
reasons for that related to the topic we’ll talk about today,
but both of these work just because Facebook has
configured their website to work in either of those addresses. Now, as an aside, why are so many
websites therefore prefixed with “www” if both of them actually work? Like, why have both? It seems just like
redundant to type “www.” if it’s implied by Facebook.com. Yeah, what do you think? AUDIENCE: Is the “www” required? DAVID J. MALAN: Is it required? Nope, not required. Not required. Yeah? AUDIENCE: Is it to identify that
it’s part of the World Wide Web? DAVID J. MALAN: Kind of, yeah. It’s to identify that it’s
part of the World Wide Web and no one really says
World Wide Web these days. We of course just say web, but back in
the day and back in my day, frankly, it wasn’t obvious to
a lot of human beings what Facebook.com might actually
even mean, irrespective of the fact that it didn’t exist at some point. And so there was this sort
of signal to the world whereby you just started prefixing
domain names with “www” just to make super clear to
users, oh, this is a website! This is one of those things
on the internet or the like, and also back in the
day, there were also different services that have
fallen into disuse these days, like FTP was quite popular
and Gopher, we used it when I was here and other such things. And so “www” was just an arbitrary
prefix that just kind of said what it is, but these days we humans pretty much
know what a .com is and .net and .edu, but even that kind of road is
changing again because there’s dozens, hundreds of top-level domains. It’s not just .com and
.edu and others now. I mean, there’s hundreds
of these things out there and so it might even be
non obvious to this day. So some people, therefore, go really
all the way in and type out http:// and then the address
that they want to visit, but odds are most of us don’t do this
because our browsers just help us out and prefix that, but that’s
where our focus will be today. Like, this actually has
significance because it specifies what protocol or language,
what convention your computer, your laptop should use when
talking to that server’s address, and actually, if you want the
communications to be secure, odds are your typing or your
browser is doing it for you. Adding an s there, denoting secure
or encrypted a la Caesar and Vigenere from some weeks ago and
technically your browser is also probably adding
a trailing slash even if it’s not shown to you, which denotes
you want the root of the server, like the default homepage
or something else. In fact, maybe you do
want something else. You don’t want just Facebook’s
website, you want Mark’s page, and so you could specifically /zuck
or whatever the username actually is. So this is a very long way of
saying all this kind of stuff that we type or autocomplete and
take for granted these days actually has some very fundamental
meanings, all of which make possible the entirety of the web. So what actually goes on with HTTP
and what does that actually mean? So HTTP is a protocol. It is a set of conventions
that dictate how a computer client, like a browser on your
Mac or PC, talks to a web server, and it’s a protocol in the sense
that it’s not a language, per se. It’s really just a set
of conventions and so like this is kind of an arbitrary
and awkward human convention. Hello, I’m David. AUDIENCE: I’m Kara. DAVID J. MALAN: Kara, so Kara
and I just introduced ourselves. I extended my hand and she
kind of knew instinctively that it would be awkward not to
shake my hands or to shake my hand and so we exchanged
pleasantries and said hello. So this is just kind of
a silly human convention whereby we’ve agreed sort
of socially in advance how to greet each other in that way. So HTTP is pretty much the
same thing, but in this case you’re not actually physically
doing something like that. You’re kind of sending a
message from client to server. You’re putting a sort of handwritten
note into an envelope this, addressing it somehow and then sending
it off on the internet for Kara or for Facebook.com or
Google.com to actually receive, and then when Google or Facebook
or Kara receives that note, reads and sees what I want,
the server or the human responds in some according way. So what then goes
inside of this envelope? Well it turns out that
when a web browser, like Chrome or Edge or Firefox,
Safari, make a request, the message they put inside of one
of those envelopes, albeit virtually, is literally this text. It’s like if I had it written down on a
piece of paper literally GET / HTTP/1.1 Host: www.facebook.com
and then the “…” just means there’s other stuff in there,
but it’s less fundamentally interesting right now. So what’s this all mean? GET is just a verb and it
kind of says what it means. Go get something from the server. HTTP/1.1 mentions the version of HTTP
that I am using or the human convention that Kara and I were
actually implementing there, and so 1.1 tends to be the one most
in use these days, and then /, again, it’s just like the default identifier
for the homepage of a website, the default page that you see in
the absence of typing something like and /zuck or some other suffix. Host: Is the same thing as whatever’s
on the outside of the envelope. So if I’m sending a message
to www.Facebook.com, I’m just making super clear inside of
the envelope which server should expect this request just in case there
are multiple websites running on the same physical server, which is
possible for economic and performance reasons these days. So alternatively, if I were trying
to visit Mark Zuckerberg’s homepage, the request in that envelope’s
going to look almost the same, but I’m going to be more precise. /zuck instead of just /. Meanwhile, if I’m requesting
something from Yale’s homepage, the request would look like
this, or from Harvard’s web page, the request would look
like this and so forth. So once Harvard or Yale
or Facebook w actually received the request in that
envelope, opened it up, look at it, how do they decide how to respond? Well at the end of the
day, I’m probably expecting to get back from the web
server some kind of, excuse me, web page whereby I want to
see my news feed on Facebook or I want to see the
search page on Google or I want to see Harvard’s
homepage, Yale’s homepage or whatever it actually is. So there’s a lot of information
probably packed into that envelope, but there’s also a
conventional, a standard, response that looks literally like this. So at the very top, for instance, of
the “letter” that comes back from Google or Facebook is a message like this. Got it. I’m speaking HTTP version 1.1 also. Everything is OK and 200. We’ll come back to
that in second and then the type of content
inside of the envelope, if I keep digging
deeper into it, is going to be text, but more
specifically, HTML, and we’re going to focus on that today too. HTML, Hypertext Markup Language. This is going to be the language in
which web pages themselves are written. Then there’s usually some
other stuff and way down there is the actual contents of Yale’s or
Harvard’s or Facebook’s homepage, but let’s zoom in on
this for just a moment. 200, odds are you’ve never seen or
cared to see this kind of number before, but have you ever used the
web and requested a web page and seen some number that for some
reason keeps popping up in your life? AUDIENCE (IN UNSION): 404. DAVID J. MALAN: Yeah, 404. It’s just kind of a weird thing
that many of us in the room know 404 even if we’re not
necessarily technophiles and know what HTTP is, but it turns
out that in these envelopes coming back from servers sometimes are
not just 200 OK, but instead– dammit, typo. This would be much more effective
if I said it’s not this. It’s not found. So inside of the envelope is 404
not found, which means exactly that. The file was not found that
you were actually seeking. You mistyped the URL,
the page was deleted. Somewhere or other, there was
some kind of typographical error and it turns out there’s a lot
of the status codes in HTTP and there are even more
than these, but these are the ones we might
see the most commonly. 200 OK means all is indeed well. 404 means not found. 403 forbidden might be
if you’ve not logged in or don’t have the right access
in order to access some folder or file on some website. This is really bad and we’ll get to
know this over the coming weeks as we ourselves start implementing
code on a server. 500 internal server error, if you will,
shall be our new segmentation fault, but hopefully not too frequently. It means something is wrong
in the code on the server. This was an April Fools’ joke
back in 1998 I believe, yeah. So April Fools’, some humans decide it
would be funny to announce to the world that there’s yet another code,
which is 418 I’m a Teapot, which kind of comes up from time to time
in actual code and then there’s this one– 301 Moved Permanently. It’s kind of a scary sounding
thing, as though a website just kind of up and left and went elsewhere,
but it’s a powerful mechanism in the following way. If a server inside of
one of these envelopes responds with a response
like this, there tends to be one other piece
of information at least. So if I visit a website
like http://harvard.edu, I might get back in the response
from Harvard’s web server this answer, 301 Moved Permanently. Like where the heck did Harvard go? Well you can see the location
based on this other line and all of these things
collectively moving forward we’re just going to call HTTP headers. Anytime you see a word
and a colon, that’s an HTTP header with a name
and a value and the first one ones a little anomalous
in that there’s no colon, but that’s the only
one without the colon. So location colon
http://www.harvard.edu. Well what’s going on? Well, if I actually visit Harvard’s
homepage exactly as follows, let’s take a look at what happens. I’m going to go to
http://harvard.edu, Enter. And notice there’s a whole bunch of more
stuff happening on the screen thanks to what’s called autocomplete, which
is a feature of Chrome or my browser. It has nothing to do
with the topic at hand. This is just Chrome trying to be
helpful today as on your computer too and suddenly, even though I tried
to go to http://hardvard.edu, , where did I clearly end up? HTTPS, so they added the s somehow
and what else has it added? [VARIOUS ANSWERS FROM AUDIENCE] DAVID J. MALAN: Yeah, the web. The www prefix was added. So this is not sort of all
that important to the user like I got to my destination somehow
but the reason for that is as follows. I’m going to go ahead and
open up, in the IDE actually, just a terminal window here and I’m
going to use a new program called Curl for connect to a URL
://harvard.edu, Enter. And I get back some cryptic looking
things and that’s actually HTML, and we’re going to come back
to this in just a moment because it turns out there’s two
parts to the messages coming back. There’s the headers and then there’s the
content, and we’re seeing the content. So more on that in a bit. I want to look a little higher up in
the response and literally just look at the headers, and to do that– and
you would only know this from reading the documentation– -I means show me just the
headers that are coming back. So here now we see the
headers coming back and you’ll see indeed we got
back a 301 Moved Permanently, and then there’s some other stuff
we haven’t really focused on, but at the bottom is something we have– location, which says to the
browser go to this URL instead. All right, so let me do that. Let me save time and just copy paste
this and then do curl -I of this, Enter, and pretend to be a browser
requesting that page now, but now where are they trying to send me? HTTPS. So this suggests via some
mechanism, some human at Harvard decided one, uh-uh. We’re not going to be
called like harvard.edu. We shall be www.hardvard.edu
for whatever reason and then they also decided that if a
user visits us using HTTP, which is not encrypted, not secure, we’re going
to forcibly tell them to come back via secure channel, and we won’t
dwell today on how that’s implemented, but much like in Caesar or Vigenere
where was a way to encrypt or scramble information, browsers
can do that too and it’s implied by using the HTTPS
instead of just HTTP. All right, so let’s actually
visit this one more time. Let me go ahead and
highlight that location. curl -i of that address and now an
overwhelming amount of information coming back, and that’s why I kept
putting the …’s, but the juicy stuff is at the top. Now everything is 200 OK and
indeed, if I run it without -I so I see the contents
of the envelope, it’s like looking deeper
inside of the envelope, now I actually see a lot more
content, which collectively composes Harvard’s
homepage, and it turns out we can see this even in Chrome. Let me go over to my browser again
and if you’ve not done this before, it turns out that you can go
to your View menu, Developer, and go to Developer Tools– and we’ll
do this in upcoming problem sets– and I can go here and see a whole
bunch of features, only a couple of which we might look at today. Specifically, I’m going to
click on this Network tab. So to be clear, Developer Tools in
Chrome still shows me the homepage, but it kind of dedicates
part of the screen to these special developer tools that
make it easy to understand and actually create websites. So eventually we’ll
start using this ourself, but what’s nice about the Network
tab is that you can sniff or monitor all of the requests going
back and forth between browser and server in the so-called envelopes. So I’m going to hit a little
Clear symbol here first just to get a clean slate. I’m going to click preserve log so
I can actually see what’s happening and now I’m going to go ahead– actually, I’m going to
go ahead and do this. http://harvard.edu, so the sort of
incorrect version that I’m going expect the browser to fix for me. I hit Enter. A whole bunch of stuff is
flying across the screen and in fact if we zoom
in on this, you can see that just visiting
Harvard’s home page requires 85 envelopes it would seem
going back and forth with pieces of the webpage and we’ll see soon
with some of those pieces are, but it’s not just one file coming back. It’s bunches of files. Maybe images, maybe fonts,
or some other things too, but I’m going to scroll
up in this output and now notice the story
that’s been told here too. So the very first request,
which I can hover over and see, came back with a 301, which we
now know is Moved Permanently, or it’s a redirect. Then if I hover over
the second one, you’ll see that it’s a slightly more precise
URL, www, but still with HTTP. So that got redirected and then lastly,
if we look at the third line here, this is the one we
ultimately ended up at and indeed it comes back 200, as do
bunches of other results thereafter, and we’ll see what those
200s actually mean. Now, you can do a
little better than this and it’s perhaps fitting that our
friends down the road indeed did. Let me go back to the IDE. Let me go ahead and clear this and
instead of curling harvard.edu, let me do http://yale.edu
and ask the question, what would be a better approach–
knowing these ingredients that we now have of how redirects work. How could Harvard do better in terms
of getting the user to the address that we intend them to be at? Yeah. AUDIENCE: By not forcing
like, two redirects? DAVID J. MALAN: Yeah, by not
forcing two redirects, right? Even if some of this
material is new, we’ve long talked now about
correctness and design and style and we’ve seen some messy style on
the screen and that’s fine for now. More on that later. It seems to be correct
because it’s working, but it feels like it
could be better designed because why make one request
then make another request just to fix the first request then
make a third request just to fix the second request? Why not combine them? And, as it turns out, someone down
the road had that same intuition and so we visit yale.edu with
just HTTP and without the www, they, in one fell swoop,
actually redirect us to the right place in this case. So, with that said, it’s
perhaps fitting that just a few years, well,
some years ago now, you might have tried to visit
this particular address, and this is something I
can only do in Cambridge. If I go ahead and open a new browser
and go to http:// shall we say safetyschool.org and hit
Enter if you’ve never been. Oh, interesting! [STUDENTS LAUGH] DAVID J. MALAN: And apologies
for those of you tuning in online live from New Haven. So how is this possibly working? It’s actually a very simple heuristic. If instead of selecting Yale or
Harvard or any other address, if I literally do like safetyschool.org,
we can wrap our mind around what’s going on underneath the hood
safetyschool.org has moved permanently to New Haven it would seem, but it’s via
this very simple mechanism that someone back in 2000 registered
this domain name, and so actually as I was looking
this up in the history last night, I was amused to find that whoever bought
the domain has been paying for this domain name now for 17 years for this
joke annually, but it’s well worth it, but I think it would be– [STUDENTS LAUGH] DAVID J. MALAN: But I
think it’s only fair now, it’s only fair if we take
a look at another one too. It turns out that if you visit
harvardsucks.org, that one has also redirected, this time to www. So let’s follow this little
breadcrumb. curl -I harvardsucks.org, and this one’s OK. So that means something
lives at harvardsucks.org and it does not as cleverly
redirect to harvard.edu, but to introduce this,
let me actually introduce a friend of ours who’s now very
awkwardly visiting from New Haven today. Hi Natalie. Do you want to come on up and
say hello for just a moment? So this is Natalie, who is our head
of the class with Benedict Brown and [? Anushri ?] and with
[? Staleos ?] in New Haven. If you’d like to say a quick hello? Hi, Hi, everyone. DAVID J. MALAN: So nice to have
you here today and as you know– do you want to make mention of
what we’re about to see here? What happened back in 2004
just a few years later? AUDIENCE: We did a
prank back, basically. DAVID J. MALAN: OK, so perfect set-up. Thank you very much. Hello to Natalie. Let me go ahead and hit
play on three minutes that are kind of hard
to justify academically, but it’s perhaps one of the best
pranks that’s ever been played. Long story short, our
friends down the road got together with a few of themselves
just before Harvard Yale, which was to be at Harvard
that year and actually mapped out using software,
a sort of grid system that lined up with all of the
seats in the Harvard stadium, whereby you assume that a human
each takes up some amount of space, and then they used special
software to figure out how they might spell something
out in the audience in a way that would be readable to the opponents,
the Yalies, on the other side. So if we could dim the
lights for this look back at yesteryear and a
slight use of software. [MUSIC PLAYING] – All the way at the top. – This is for you Yale. We love you Yale. – We’re here to cheer for Harvard. – Yeah! Let’s go Harvard! – Yeah, Harvard! – Take the top one and pass it down. – It’s not going to say
something like Yale sucks is it? – It says Go Harvard. – We’re nice. – You see that shit? Look at them, they have the paper! It’s gonna happen! It’s actually gonna happen! I can’t [BLEEP] believe this. – What do you think of Yale? – They don’t think good! – It may be a complete
mess, I don’t know. – Does everyone have it? Does everyone have their stuff? – The probability that it’s
gonna be legible is very small. – It’s gonna happen! It’s gonna happen! – It’s too complicated. – Look, look at all the signs. – I know but it’s too complicated. – Uh, what houses are you guys in? That’s not a real house. – Ho-fo? – Yeah. You guys aren’t from Harvard are you? – No, fo-ho. Pforzheimer! – Yeah, but he said ho-fo. – Let’s just make sure everyone has it. – Well she’s probably drunk. – Are all the cards disributed? – Almost! [APPLAUSE] [CHEERING] – Hold up your signs! – They [BLEEP] did it! [CROWD CHANTING “YOU SUCK!”] – They [BLEEP] did it! They [BLEEP] did it! [CROWD CHANTING “YOU SUCK!”] – What do you think of Yale sir? – They suck! – One more time! – One more time! – Oh and there it goes again! [CROWD CHANTING “HARVARD SUCKS!”] [END PLAYBACK] DAVID J. MALAN: All
right, we’ve been talking about what goes on
inside of this envelope, but what goes on on the outside? So when you hand off this envelope
from your laptop or your phone to the internet, how does it
actually get to its destination? Well you’ve probably heard this
acronym IP, or internet protocol, and it turns out that every computer
on the internet and every phone in this room and any very laptop
in this room has a unique address. That unique address is known as an IP
address and it’s much like the address of a building in the real world, like
the Science Center might be a 1 Oxford Street Cambridge, Mass 02138, USA. Down the road is the CS building. 33 Oxford Street
Cambridge, Mass 02138, USA. So those long strings
uniquely identify buildings in the world for the
mail service and the like and similarly do IP addresses uniquely
identify computers on the internet. These addresses are much
more succinct though. They’re not long strings they’re instead
just numbers that have four parts and each of those numbers within the
IP address are a value from 0 to 255. So the lowest IP address is all
zeros and the biggest IP address is all 255s with some constraints. You can’t quite use
all of those numbers. So just as a sort of quick teaser,
if the smallest number is 0 and the biggest number for each of
these sections of the IP address is 255, how many bits are being used
for each of those four numbers? AUDIENCE: 8. DAVID J. MALAN: Yeah, 8. So remember like 8 bits gives you 2
times 2 times 2 times 2 times 2 times 2 times 2 times 2, which is 256, and
indeed we have 256 total values from 0 on up to 255. So an IP address is 8 plus 8
plus 8 plus 8, or 32 bits total, or, just come really full circle
with week zero, if you have 32 bits, roughly how high can you count? Like what’s 2 to the 32 power? Yeah, it’s roughly 4 billion. So, long story short, the implication
of this very simple definition is that apparently there can only be,
in this model, four billion computers, phones, refrigerators, internet of
things, devices on the internet at once if they do all need an
IP address that’s unique. So I’ve been telling a
slight white lie in that they don’t have to all technically
be unique because there’s ways we can share
addresses, and it turns out there’s even bigger addresses these
days that aren’t just 32 bits but 128 bits, which is just massive and daresay
unpronounceable how big that number is. So we’ve gotten ahead of this issue, but
you’ll find that in a lot of locations, companies and internet service providers
like Comcast and Verizon and the like and campuses like Harvard and Yale,
you can notice that they tend to follow patterns, like many of the IP
addresses here at Harvard start with 140.247.something.something or 128.103. Down the road in New
Haven, a lot of the IP addresses there start
with 130.132 or 128.36, which is not at all interesting to
the humans who are using these IP addresses, but it is useful to
the servers or the devices that are actually routing these
envelopes from one place to another. Meanwhile, in our homes and even
sometimes on campus these days, there are also what are called
private IP addresses, which are numbers within
these ranges, and this has been a solution so that when
you sign up for Verizon or Comcast back home or your parents
do for internet service, you technically only get one IP address
from your internet service provider. That’s what you’re paying for per
month, but thanks to something called network address translation
and other technologies, you can actually give all
of your siblings and parents and family members or roommates in the
household their own unique address. It’s just private in the sense that
no one else on the outside world can access it unless you
initiate the connection. So this is generally why
at home you can reach any website you want any service
on the internet that you want, but you can’t have like
random people necessarily trying to get into your
laptop or your device at home because there’s a device, a home router,
that translates these private addresses into otherwise public addresses,
but for now the takeaway really is just that every computer on
the internet has an IP address, and if you’ve ever poked around your
Mac, like under System Preferences, you can actually see this. So I’ve just pulled up a screenshot here
of a network control panel on Mac OS and if you look roughly
there on your own Mac, you should see that your
IP address is something. It will completely vary by
person and by geography, but you’ll see your IP address there. On Windows, at least Windows
10, you can see your IP address under Settings here as highlighted here. So this has a very different
address, but that’s just because this person was on
a different network all together. So, where did these IP
addresses come from? Well back in the day
someone would literally come to your home to set up your
Comcast or your Verizon internet service and he or she would like type in
these numbers into your Mac or PC and then leave, and you would
have one computer on the internet. These days it’s a lot more dynamic. You don’t need someone coming by. That certainly doesn’t scale very
well because there’s other protocols. HTTP is this protocol we talked
about earlier about web pages, but there’s other protocols like Dynamic
Host Configuration Protocol, which is a mouthful but it just means that our
Macs, our PCs, Android phones, iPhones and the like, if they speak
this protocol, when you first turn on your phone or boot
up your laptop it knows, if it has support for this protocol,
to just announce to the internet, hello world. I’m awake. What should my IP address be? This just kind of broadcast message
and if Harvard or Yale or Comcast or Verizon or wherever
you are in the world has a DHCP server whose purpose in life
is just to listen for those hellos, that server should respond using the
same protocol with your actual IP address, and it figures out which one
to give you based on and available pool of numbers typically. So that’s how you might
get this but there’s other things in these control panels. In fact, if we look a little lower
on Windows, there’s DNS servers too. Domain Name System. Another acronym and a bit of a mouthful,
but you can also see this on Mac OS/2 if you actually click Advanced
and actually take a look. Here, for instance, there’s mention of
something else altogether, a router. So there’s lots of different
addresses going on here and lots of different servers. So how do these all piece together? Well, DNS is an interesting
one in that it’s going to be the one that translates
domain names to IP addresses, right? None of us ever probably visits
http:// and then a number, right? Like, we visit facebook.com,
google.com or the like, but that’s because our computers knows
how to translate one to the other. So in fact if I do this command,
nslookup for name server look up and then I type in something like
google.com, I’m asking the computer, in this case, the IDE, what is
the IP address of google.com. I know it as the human as
google.com, but the internet knows it by its numeric unique address, and
it turns out Google has several, and even this is a bit of a white
lie because they have thousands, but the ones that my
computer is being told to use is, for instance, this one or this
one or any of these other addresses. So let me see what
actually happens here. If I highlight that address and open up
a browser and go to http:// and that IP address and hit Enter, notice
it actually seemed to work. Well, why is that? It’s a little hard to see
it in Chrome, but let’s go ahead and open up the Inspect tab
and go to Network just like before. Let me click Preserve Log so
that it saves everything here, and I could be using curl. So the curl was just
the simpler version. Now I’m using the more
familiar graphical version. Let me go ahead and do that again and go
to http:// and that IP address and hit Enter. A whole bunch of stuff flew by
even just for Google’s homepage, but notice what happened. On that very first– whoops– request, if I hover over it, I see
http:// and then the number that I typed in, but it’s a 301
because, what was the response? We can actually see these responses. Let me click on the status code
here, or the row, go to Headers and notice here, if we zoom
in, we’ll see that Google responded with this location. So someone at Google
just decided, OK, fine. You figured out one of our IP addresses. That’s great, but we don’t want
you to see that in the URL. It’s bad for branding. We don’t want you to
bookmark an IP address because it might change later on. So we’re using the same
mechanisms as before, but that’s how we might do the
lookup and we can see the same thing for any number of websites. Here we go nslookup of harvard.edu
and we get back just a couple here. If I do the same on Yale, I’m going
to get back different IP addresses. Yale has even more in
this case and so this is how the computer’s figuring
out to where to send the data. So what goes on this
envelope then, it’s going to be not facebook.com
harvard.edu or yale.edu, it’s actually going to be
the address like or whatever the actual IP address is
of the server I’m trying to send to. Now, of course, I expect a
response from the server. I want to get back my
news feed or I want to get back Harvard or Yale’s homepage. So what more should I probably
put on this virtual envelope, just intuitively? Yeah. AUDIENCE: Your own IP address? DAVID J. MALAN: What’s that? AUDIENCE: Your own IP address. DAVID J. MALAN: My own IP address, yeah. So just like in the human
world, just in case something goes wrong with the post office, I
might put my own address,, and actually put that on the envelope so
that if something goes wrong or, better yet, if something goes right and
they’re ready to give me a 200 OK, it can actually come back to
me because they know from which address this thing actually came from. So who is it or what is it
that’s doing all of this routing? Well it turns out there’s servers
on the internet called quite simply routers, otherwise known as
gateways, which is just a synonym, and they’re kind of artistically
pictured here as just dots across the world, and there’s
hundreds, thousands, tens of thousands of routers. Odds are you yourself at home,
if you had internet access, have at least one such router
and its purpose in life, again, is to take data from inside your
household and send it to the internet, and then any responses
you get, to send it back to the appropriate
laptop or desktop or phone or smart device that happens
to be in your own home. And we can actually see this too. Let me go ahead and in CS50
IDE, try one other command. I’m going to go ahead and
type traceroute and I’m going to trace the route,
say, to yale.edu from here, or technically from the IDE. So if I hit Enter here, we’re
going to see a few lines of output, and if you try this
at home, just realize I’ve configured my IDE a little
differently to simplify the output. So it looks like there’s
five steps between Cambridge and New Haven or technically
the IDE and New Haven, but what are each of these steps? Well between here and Yale, if we
continue that version of the story, there are, it seems, five routers. There are five computers that
have like lots of RAM, big CPUs that can handle a lot
of internet traffic that are figuring out how to
get my envelope from this origin to this router, to this router, to
this router, to this anonymous router, to this one. Sometimes the routers are configured
not to answer these questions from this program traceroute. They sort of keep it
to themselves, and you can see on the right of each of
these IP addresses some numbers. So just take a guess, what do each
of these numbers represent, perhaps? Whats that? No it’s okay. AUDIENCE: Milliseconds? DAVID J. MALAN: Milliseconds, yep. So milliseconds that are
measuring what do you think? Time to go, or time to
reach that specific router. So we can kind of infer– and this is the kind of amazing thing. To get me to New Haven
takes like two plus hours, but to get an email, to get
an envelope with a message takes like 10.597 milliseconds
to get data from here to there, and then hopefully back if
it’s a request for a page. Let’s do something a
little farther away. So let’s do like stanford.edu,
tracing the route here, and already we can see that the
numbers are a little bit higher, and that makes intuitive
sense in that Stanford’s a little farther away than New Haven
and it takes as many 41 milliseconds to reach that. If I go even further and I
read like a company’s news like cnn.co.jp, which is the top-level
domain for a lot of servers in Japan, you can see a real uptick in just
how many milliseconds it takes, and in fact, there’s
something curious here. Why does it take so much more time
to get from router number three to router number four do you think? AUDIENCE: The ocean. DAVID J. MALAN: The ocean, yeah. So there’s a really big body of water in
between the US’s west coast and Japan’s coast, which probably explains why
not just between three and four, but really every router thereafter
is that many milliseconds away. So these aren’t cumulative. We’re measuring constantly
from here to there, from here to slightly farther,
from here to slightly farther. So it makes sense that
once you cross that ocean, that’s kind of the total value
that you’re actually going to see, and it’s fascinating really. I mean, throughout
the entire world there are not only wireless technologies
today, but very much wire technologies and if we take just
a few seconds, we can see this visualization of so many of the
transoceanic cables that have actually been dropped by big ships that carry
many, many, many, many bits from one coast to another. [VIDEO PLAYBACK] [MUSIC PLAYING] [END PLAYBACK] So, with all of those cables capable of
transmitting data all around the world, it turns out there’s
still one more problem. Even if we want to do
something simple like download an internet image
of a cat because there’s different types of servers out there. There’s my computer here like my laptop. I’m running Mac OS or windows. There’s all those servers
in Google’s data center and in their racks and
Facebook’s and the like and in between all of those
servers there are lots of routers, but it turns out that those
servers in those racks at Google, at Facebook, even at
Harvard and Yale, there are servers that can do multiple
things because technically, even though we humans tend to talk
about servers as being physical devices, a server is, as we started
today, really just a program. It is a piece of software that
someone wrote that, when run, listens for requests on the internet
and responds to those requests, generally by spitting out information,
text or 0s and 1s or, in some cases, cats. So upon receiving an
envelope, then, how is it that a server knows whether it’s a
request for a web page or it’s an email or it’s a chat message or a voice
message or any number of other things? It turns out we need one more piece of
information at least on this envelope. It turns out that the
world has standardized via another protocol called TCP,
Transmission Control Protocol, that you need at least one other
number on these envelopes, and that number corresponds
to the type of service that you’re trying to
access or the type of data that you’re trying to send or receive. So, for instance, 22 is for
something called SSH, Secure Shell. This is something that most CS majors
might use, but most people in the world wouldn’t use this because
it’s entirely command line and it allows you to connect
securely to some remote server without using something like a browser,
but all of us generally do use browsers and HTTP, it turns out, all this time
has had a unique number associated with all of those requests. 80 is the number and if we visited
any URL starting with https, turns out there was a
special number, 443, that humans years ago decided just
uniquely identify encrypted web traffic requests and responses. 587 is used for Simple Mail Transfer
Protocol, which is for email. Excuse me, 53 itself is used for DNS. So if you ever send a
message to a server saying what is the IP address
of google.com, you’re using number 53 to identify
whatever machine or software can answer that type of question, and
so we can actually see this too. If I go back to my IDE and I actually
do curl -I https://www.harvard.edu, this of course, worked
before and it was 200 OK, but it also will work if I more
precisely say specifically send this request to TCP port, or number, 80 and– damnit. Oh, it’s wrong because made a
compelling pedagogical mistake. So what did I do wrong? AUDIENCE: Https. DAVID J. MALAN: Yeah, so I kind
of screwed up my numbers here. So I said https, but I meant to
say http if I’m using port 80 or, conversely, if I want to talk
to the secure port which is known, I actually want to say 443,
and that one in fact works, and I can do it again even in Chrome. If I go up to my browser
and go to http://yale.edu/80 and let the redirects
happen, that too will work. It’s just browsers, to keep our minds
focused on the website we’re actually trying to visit and not distracted
by technical details like :80 or slashes or even
sometimes http itself, just hide that from the URL bar. It’s all there. It’s all happening, but we humans
are getting a little more comfortable with the internet over the years
so Chrome and other browsers are just starting to hide some of these
lower-level implementation details. So that really means, when I actually
want to send a request to a web server, I should really write
:80 on the envelope to make clear that that’s
going to a web server listening on port 80 or maybe 443,
and then, you know what? It turns out, and we won’t
dwell too much on the details, even my Mac or your PC also has its own
port number for all of these requests, right? And it would be pretty annoying if you
could only visit one website at a time or you could use Gmail
or Skype but not both at the same time, or Facebook
Messenger or Google Chat but only one at the same time. That would be pretty
limiting, especially when we have all this computing power. So it’s also the case
that your own computer, any time you send a
request on the internet, chooses a random or pseudo-random
number to uniquely identify the piece of software on your
computer that’s waiting for the reply. So this might be not port 80. This is going to be a
bigger number like 1025, or some large-ish value all
the way up to 65,000, even, or 32,000 that now uniquely
identifies the port on my computer, and that’s how your computer can
do multiple things at a time, and when I get the response
those values are just flipped, but there’s one more piece. Like cats can be pretty high
quality and videos certainly take up a huge amount of data. Netflix videos and any
streaming videos are taking up a huge amount of
information and it would be pretty annoying to your
neighbors if any time you were watching a movie
on Netflix, you had to be done watching the
movie in order for a neighbor to also watch a video on
his or her computer as well. So it turns out that what
computers also do thanks to IP and TCP is, when they’re used together,
they offer one more feature still. It turns out that if I want to
download a picture of a cat, and we have a nice
printed version here, I’m not going to get the whole cat
in the one envelope most likely. This cat or this video
file or whatever it is is actually going to be divided
up into a few different pieces. So this message might get chopped
or fragmented into four pieces. Each of those four pieces now might
go in each of one of these envelopes here, here, and then here
with the third and fourth, and what’s nice, though,
about TCPIP is that it provides at least two features for us. One, IP ensures that every computer on
the internet that speaks this protocol has an address. So IP handles the getting of
the data to some destination. TCP, the other half of
this, ensures or guarantees with high probability delivery–
that the data actually gets there. Because as you might have gleaned
from even the animation of all of the transatlantic cables and all
of the interconnections among routers, things can go wrong, right? Routers, it turns out,
can get overloaded. Their buffers can
overflow such that they can’t handle all of the traffic
coming into them and in fact, if you try to watch Game of
Thrones, some episode on HBO and you couldn’t access it at some point
or [INAUDIBLE] or some tool like that. If they’re overloaded,
what does that mean? It just means the server, or the
routers between us and the server, are getting so many darn envelopes
that they just can’t keep up and can’t hold onto them all at once,
and so sometimes packets do get, so to speak, dropped, both
physically and also digitally, and this means some packet is lost. And so what’s nice about the internet
is that when my computer here talks to the nearest Harvard router
that may very well have antennas in a room like this or an access point,
I might send off a packet here and here and let’s send this all the
way to the back if you could, but these packets, as you
can see, don’t necessarily need to travel the same
[? path ?] because– what’s your name in the second row? AUDIENCE: Monsi. DAVID J. MALAN: Monsi. So Monsi is getting a little busy. So Kara, if you could
route to someone else. This is literally the effect
that happens on the internet. If one router, like Monsi,
gets a little bit busy and her attention is elsewhere or just
has too many packets to deal with, she won’t even necessarily
drop it but maybe their path will just
be routed around her, and that’s what’s nice about having
this mesh network around the internet. Now unfortunately, one of
those packets can get dropped and in fact this is a perfect example. If you want to drop it, drop it. Uh-oh, a packet was dropped! What TCP does for us is the following. Once those envelopes reach
hopefully one specific person– OK, you are the lucky winner. Whoever, wants to– how many do we have? Two there? Where did the third go? That’s OK. TCP can handle multiple
packets being lost. AUDIENCE: It’s over there. DAVID J. MALAN: Oh, and so packets also
don’t take the shortest path sometimes on the internet. So what might happen? So let’s assume for
the sake of discussion that those packets did make their way
to at least one of our audience members here. He or she, upon receiving
them, would also see not just the origin address
and the destination address. There would also be some notation,
like a memo line on the envelope saying 1 of 4, 2 of 4, 3 of 4, 4 of 4,
so that the recipient can infer from that little hint whether or
not they received all 4 or just, as in this case, a subset
thereof, and in that case, assuming the computer speaks
TCP, it can simply say, hey David, resend me packet
number 1 or packet number 3 or whichever were actually lost. And so together all of this
happens at blazing speeds. 10 milliseconds to do all that
back and forth to New Haven, let alone even faster here
on campus, but those really are the basic principles
and building blocks that are just getting our data
from one place to another. Of course, the real
interesting stuff happens when we dig deeper into this
envelope and look at the contents. Not just the cat as in this case, but
the language, HTML and something else called CSS which we’ll
do shortly, but I thought it might be fun, especially on the
heels of our look at forensics, to take a look at just how
sort of presumptuous Hollywood tends to be when presenting us
humans with technical details that now you’ll perhaps have an
even better eye for in addition to the age-old “enhance” line. [VIDEO PLAYBACK] – It’s a 32-bit IPP4 address. – IP as in internet? – Private network. [? Tamia’s ?] private network. [STUDENTS LAUGHING] – She’s so amazing. – Oh, Charlie. – It’s a mirror IP address. She’s letting us watch what
she’s doing in real time. [END PLAYBACK] DAVID J. MALAN: OK, so
we’ll hold it on this screen here because one, a few of you
laughed when you saw the bogus IP address because the number was what? AUDIENCE: 275. DAVID J. MALAN: 275, which
is too high and that one we could forgive because you don’t
want like random people pausing their videos on the internet then
trying to hack into or get access to that URL, but even funnier is
when the hacker is being described as doing this on the screen
as part of their attack. This is like the source code in
a language called Objective-C for some kind of drawing
program, as suggested by the use of crayons in
the code as a variable. So let’s pause there and when we come
back in five minutes, we’ll take a look at HTML itself. All right, so we’re back and we’re
about to learn a new language. Though this might feel like
a lot to do in just an hour, this one’s a markup language. So it’s not a programming
language, which means you’re not going to see loops. You’re not going to see functions. You’re not going to see conditions
or any of the kind of logic that we have built into C and
into Scratch and eventually Python and JavaScript. You’re instead going to see just
what are called tags, pieces of English-like syntax that
just tell the browser what to do and what to stop doing. So we’re going to see tags that say
start making this text centered. Stop making this text centered. Start making the text bold. Stop making the text bold. So these very deliberate
kind of statements that we’re going to express
using something that’s code-like, but it doesn’t give you logical control. So as such, there’s a pretty
small language ahead of us and a lot of what you’ll do
when learning HTML is just check an online reference or an
example online or look at the source code of actual web pages to just
figure out how these things are done and today, we will focus
on the fundamentals. So this is perhaps one of
the simplest web pages you can write in a language called HTML. It’s a text-based language. All of the tags resemble
some English words and there’s a pattern to the kinds
of things that you might type. First of all, if you’re using the
very latest version of HTML, which happens to be version 5,
it’s been around for a while, you simply start every web page with
this cryptic incantation at the top here. Open bracket, !doctype
HTML female closed bracket, as those things are called. Angled brackets, which you’ve probably
not had many occasions to type on your keyboard, but
starting soon you will. Then after that, they start a pattern. So HTML>and then all the way at the
bottom is what we’ll call the opposite of that tag. If this is a start tag, this will be
an end tag, or if this is an open tag, this will be a close tag, differing
only with this forward slash that’s inside of the tag. So this says, hey browser,
here comes a web page. This says, hey browser,
that’s it for the web page. Again, this sort of starting
and stopping mentality. Meanwhile, inside of the web
page as denoted by the HTML tag, there are two parts, a head and a body. The head of a web page tends
to contain very little. It’s usually just like
the title bar in the tab that we humans see when
you visit a website, and the body is like 95%
percent of the contents of the page, the actual viewport
or the rectangular region that contains actual content. What is that content? Well here in the head
we have a title that’s going to be “hello, title”
just because and then in the body of the web
page, this web page, there’s going to be “hello, body.” That’s it. That’s HTML. If you save this text in a
file, open it in a browser, you will see a really lame web page
that says hello title and hello body, but that’s a web page using
HTML tags as they’re called. Anything in these angled
brackets are tags. So I can actually see this
pretty clearly even on my Mac and you could do this
on your PC as well. I’ve opened up TextEdit and I’ve
configured it to be simpler than the default, so know that I’ve
done a little something in advance, but you could use notepad on Windows
or any other number of other programs, even Microsoft Word if you save it
in the right way or Google Docs, but let me go ahead and just recreate
this as !DOCTYPE html, open bracket, html, and just to kind
of remember to do things, I’m going to tend to get ahead of
myself and sort of start and finish the thought and then dive in inside. Let me go ahead and do head
here, close head tag here, and I’m indenting, just for good
measure, one, two, three, four tabs, though so long as you’re
consistent the browser will be perfectly content, as will we. hello, title, title, open bracket,
open bracket body, closed bracket body, and then hello, body. So that’s it. I’ve just typed out the
exact same thing as before. Let me go ahead and save this
as not hello.txt or certainly not hello.c but
hello.html by convention. I’m going to hit Save. Mac OS is kind of warning me that this
is text, not something called HTML, but I know what I’m doing and
I’m going to say use HTML, and now I have a file called hello.html,
and if I go to my desktop, here in fact it is. And if I double click on it, there, in
fact, is that pretty simple web page and if I actually reveal
the tab, there it is. Hello, title in the very top tab of
the page and once I get rid of that do I see the body again. So that’s it for HTML at least
in terms of its basic structure, but there are some other features
that we can take advantage of as well, and let’s actually tease these apart. Notice, first of all, that
there is indeed this symmetry. What is opened is almost always
closed as well in the opposite order. Just as head here and
title here, and then followed by body and then
the contents therein, but because there is this
structure, you can actually think about this in a relation
to the past couple of weeks when we’ve talked about data structures. I would argue that this
HTML on the left is kind of equivalent to
this tree on the right, and we didn’t spend a huge amount
of time talking about trees, and even when we did we used
them for algorithmic reasons like a binary search tree to
search data pretty efficiently, but if you think about it, here
is the document, which I’m just drawing with this shape
here kind of arbitrarily and it has one child like the
entire page as I’m drawing it, which is the HTML tag here. The HTML tag has two children,
so to speak, to borrow our language from our data structures. So head and body from left to right. Head has a child called title and
then title has a child of some sort, even though it’s just raw text. It’s not another tag
with angled brackets, just as body has its own
content there, just hello, body. So that hierarchy and the deliberate
indentation, which is there just for us humans– the browser does
not care about whitespace– lends itself to an
implementation in memory, and so long story short, when
your browser receives an envelope, inside of which are not just those
HTTP headers, outside of which are not just the IP
address and TCP port, but inside of which is a text
file containing HTML like that, all the browser does is
load that file into memory, read it top to bottom, left
to right and essentially build a tree structure in memory so
that it knows how to represent it underneath the hood, so to speak. And in fact, you’ve
seen HTML all around you even if you’ve just never looked
underneath the hood, as we say. In fact, if I go to
like harvard.edu and let the redirects happen in the usual way,
let me go ahead and inspect the page. This is another way in
Chrome and in other browsers to get at the developer tools. You can control click or right click
on the web page and choose Inspect. That opens up the same tab. Previously, we used the network
panel, but if I click on Elements you can actually see all of the
HTML that composes Harvard’s page, and it looks beautiful here. It’s nicely color-coded. It’s prettily indented. I can dive in deeper
with all of these arrows, but that’s probably not
how the humans made it because if I also right click or control
click and choose View Page Source, and you can do this in
any browser as well, here is the mess that actually
came back from Harvard’s server. This is HTML and my
god, like, it’s a lot. I see no indentation, so
style 0 here, but that’s OK because it’s a browser reading it. It’s not a human in
this case and similarly, if we visit something like yale.edu, and
let’s go ahead and open up their page source, it’s similarly going to be
kind of overwhelming and a lot of it, but rest assured that even though
these web pages might look really, really sophisticated– like, my god,
we’ve never written a C program with 500 plus lines of code– a lot of this stuff is
generated, and in fact, one of the challenges of pset7 and
pset8 when we explore web programming is going to be not to write hundreds
of lines of HTML, which would just get mind numbing quickly, but
to write a few lines of Python or a few lines of JavaScript that
programmatically, like with loops, generates all of the
structure of your web page. So if it’s like a web page of
photos like a Facebook photo album, Facebook doesn’t have people writing
out thousands of lines of HTML code every time you upload a photo. They have code in PHP
or some other language that has a for loop that iterates
over all of the photos you’ve uploaded and spits out the same HTML but
different image for each of the photos you’ve uploaded, and that’s where
web programming comes into play. You’re not writing the
HTML, you’re generating it by actually writing programs. So today we set the
stage for that capability but first we just need a
framework for actually doing this. So rather than use,
now, my local Mac, which is kind of lame because I can open the
web page but no one else in the world can access it, and in fact,
if we do that again, you’ll notice here, if I double click on
hello.html and open the URL bar, it’s curiously clearly
not on the internet. Like, it’s not http, it’s not
https, it’s literally file://, which just means it’s a
file on my local computer. So none of you could reach
that because of course this user jharvard on my laptop
exists only on my local Mac. So fortunately we have a web-based
IDE with which to put stuff on the internet, but there’s a catch. The IDE itself, recall, is
a web application, right? It’s code that friends at Amazon
wrote and that we added to that runs on a server somewhere and, as we’ll
see, somewhat in your browser too, but more on that when we
talk about JavaScript, but CS50 IDE already has a URL like
https://cs50.io or https://ide.cs50.io slash whatever your username is. So we’re already using port 80
or maybe 443 for the IDE itself. So how in the world could you
write web pages in the IDE and then serve them on the
internet if the IDE itself is already using the standard port? Well fortunately you can
write on the envelopes, when trying to access your own web
pages, a hardcoded TCP port number. It doesn’t have to be 80,
it doesn’t have to be 443. Those are just the defaults. If I want to actually
visit pages in my IDE, I can just run a web server
on a different port number, like 8,080 by convention
or 8,081, 8,082. Just a pretty big number that odds are
no one else is using on some system. So let’s see this as follows. Let me go ahead and in the
IDE here create a new file. I’m going to call it
hello.html and I’m just going to go into that text
file, whoops, which I closed. Let me go ahead and just
grab the code that we’ve been using here, which is
right here, go back to the IDE, paste it into the text file here,
click Save, and now I have in the IDE a file called hello.html, and
indeed if I look at the file browser and I look on the left-hand side,
there, in addition to the sample code, is hello.html, but if I double
click this file it’s not very useful because it’s going
to open the editor, which is not like a web page. It’s the source code for my web page. So I actually now need
to run a program that serves this file just like Facebook
does, just like Google and Harvard and Yale do, and I’m going to do this
literally by running http-server, and I’m going to say on port 8080. So -p in this particular
program means port and I’m just going to say, hey CS50
IDE, start a program called httpserver whose purpose in life is to listen
for requests on the internet, but specifically on that port number,
and serve up whatever requests come in. So I’ve gone ahead and hit Enter here. Starting up httpserver. It tells me the long URL
that this is available at. Your URL will be a little
different with your username and if I open this now in another tab,
it’s a little cryptic at first glance. I’m just seeing the index or contents
of my directory and in there is like a secret .c9 for Cloud9 directory. Don’t delete that or change that. That just has metadata
related to the IDE. Source6 I downloaded earlier and you
can too from the course’s web site, but there’s hello.html,
and on the left-hand side here, you’ll see some
cryptic looking permissions. This has to do with who can read
and who can write your files, but for today all I care
about is that the file exists. So now, like a user on the internet,
I’m going to go to here, click on it, and viola! There is my actual web page. So notice, the URLs are very similar. Here I am on cs50.io
and here I am on cs50.io even though your user names
will of course be different, but the IDE is running
on the default port, 443. I’m now temporarily
serving up my HTML files using port 8080 just
because and so that’s how a server can do multiple
things and how you can do multiple things on the server at once. So let’s do something else besides that. Let me actually introduce a
few other fundamentals that might be handy when writing HTML
and let’s go ahead and do this. Let me go ahead and create a
new file and we’ll call this one paragraphs.html, and let me go ahead and
just name this like paragraphs and down here I’m going to have
some paragraphs of text, and I don’t really know what I want
to say so I’m going to Google some– so standard Latin-like text. Oh, I want like three paragraphs of
Latin-like text and so here we go. Then there’s a random
website that just generates placeholder text in faux Latin. So, Paste. There are my three paragraphs. I’ll be a little nice
and tidy and indent them so it looks at least
somewhat nicely styled. Save the file and now let me go back
to the URL I was at a moment ago. Now notice I have two files being
served by this HTTP server program. Click paragraph– oh. OK, one, Chrome thinks
the page is in Latin. [STUDENTS LAUGH] Actually, soccer inferior
element estate planning time. Tomorrow soss quiver before as the– that does sound like the
Latin I learned years ago. All right, so Show Original. So the point is not to focus on
the Latin, but the apparent bug. Like, what’s it not doing that maybe
you thought it should a second ago? AUDIENCE: No indentation. DAVID J. MALAN: Yeah, there’s no
indentation and also there’s no what? There’s no break. I mean this is one big
Latin-like paragraph. It’s not three. Well this is simply because a browser
only does what you tell it to do. Let me go ahead and shrink this
window and, as an aside, what you’re seeing here, all this mess in
the bottom terminal window, as the httpserver program is running,
it is logging all of the HTTP requests that come in from browsers just so
you can kind of debug or diagnose, but we’re going to just
ignore that for now and let this thing run down
here in the background. But if I want paragraphs I need
to be a little more pedantic and actually say, hey browser, make a
paragraph with what’s called the p tag, and let me go ahead now and indent
even though the indentation clearly doesn’t matter. It’s just to keep my code nice and tidy. So, hey browser, start a paragraph. Here’s the text. Hey browser, stop the paragraph. Same thing here. Let me go ahead and start a paragraph. Then let me go ahead
and stop the paragraph. Notice the IDE is trying to be helpful. This is not helpful. This is not a password, but it’s
trying to autocomplete my thoughts. That’s fine. I’m just going to ignore it. Then let me go ahead and
close the paragraph and save. So it’s a little more verbose, but
anything in the tags the human is not going to see, but when you reload the
page, as with command or control+R, or if you go up here by
clicking the reload icon, whatever it looks like in your browser. Now I have three Latin-like paragraphs. So it’s a little more deliberate here. So that’s all fine and good, but
the web is kind of more interesting when you can actually link to things. So let’s actually do that instead. Let me go ahead and create a new
file called, let’s say, link.html. Go ahead and paste this here and
say we’ll name the title link. Let me get rid of all of this
just so I have some placeholder and I can say something
like “Hello, world! My favorite school is…” and just to play it safe
today, “stanford.edu.” Save, reload, click
link.html and nothing. So here too it looks like a domain
name and it certainly is, and frankly, all of us now are probably conditioned
in tools like Slack and Gmail and other tools and Facebook that just
kind of figure out that, oh, if something looks like a
domain name, make it a link, but that’s because someone at Facebook,
someone at Google knows HTML and knows how to use if conditions
and elses and just says, oh, if a string that the human has typed
in looks like a domain name ending in .edu, make it a link. But how do you make it a link? We can now do this manually. It turns out you need an
anchor tag abbreviated as a and then I’m going to close the
anchor tag at the end of the text that I want to anchor a link
to, but this isn’t enough. I need to be ever so explicit as
to where I want this link to go, and so it turns out HTML also
supports what are called attributes. So tags are the things
in angled brackets. Attributes are also inside
those angled brackets, but they come after the tag’s
name, and they just going to modify the behavior of the
tag, and it makes sense here to need to modify the
behavior because 20, 30 years ago when HTML was
invented, we didn’t make up a tag that leads to stanford.edu. We made up a more generic tag
that anchors to some destination, and so here I can now do
www.stanford.edu, save the file, and notice, this is like saying
to the browser, hey browser, here comes a link or hyperlink
to Stanford’s web site, and then the end here it says hey
browser, that’s it for the link, and thankfully it’s not super verbose. You don’t have to repeat
the attribute at the end. You just repeat the
tag’s name, otherwise you’d be typing the same
thing again and again. If I now go back here and reload the
page as with command or control+R, now it becomes the familiar
and blue underlined link, and if I click on that,
notice first it’s super small. You can see where the link
is actually going to lead, and so if I click on this we’ll
see Stanford’s website and voila. So now we’ve visited their page as well,
but there’s an interesting side note here, and if you want to kind of think
about things called phishing attacks or frankly, Harvard once in a
while and Yale once in awhile will email out warnings like
“beware of this phishing attack.” P-H-I-S-H-I-N-G. This is when people on
the internet generally send you emails or some kind
of spam trying to trick you into visiting a phony website to harvest
your usernames, passwords, credit card numbers and whatnot, and honestly,
most of those phishing attacks boil down to this
10-line example of HTML because what’s to stop me from
saying something like “Hello, world! Confirm your password at…” and then we’ll say like
paypal.com and then over here, I can change this
to like davidsphishingsite.com, which hopefully doesn’t exist. One year I went to badplace.com and– anyhow, so– [STUDENTS LAUGHING] Here I’ve gone ahead and saved the file,
reloaded, and the link is indeed blue, but before I click on it,
only the most estute of users is going to even bother
checking the bottom left hand corner to see where they’re
about to be whisked away to and even most of us in
this room, myself included, are not so paranoid
that we’re constantly checking those kinds of things. Odds are, if I get an
email like this, oh my god, my accounts been compromised. I’ve got to go confirm my password
for PayPal to protect my money. You might very well
just follow the link, but of course it can go anywhere you
want just via this very basic building block, but this is just one
way you can vet actually what’s going on underneath the
hood, but of course the internet is more interesting
than just text alone. Let me go ahead and open up
an example that I whipped up in advance here using image.html
and we’ll see another tag here. So here is another opportunity
to use an attribute and one that’s also not
necessarily visible to the user. So here’s an image tag. Humans years ago decided to be succint. It’s img>for image, just
like it’s just a>for anchor. The source, src, of which is
going to be that file, dan.jpeg, which I downloaded in advance
from the URL up above, and in fact, this is gray in the cs50
IDE because it’s syntax highlighting it just like in C. This is
what’s a comment in HTML. So if you want to make notes
to yourself or to viewers, some sentence or like
a citation like this, you can use an HTML comment by doing
! // //>and you can write anything between those things– for
the most part– that you want. So just like in C do we have the //. So here’s the source
of this image and this is like an alternative explanation of
it, alt. Why might this be compelling? I want to show the image to a user. Yeah? AUDIENCE: Is it for like if
they hover their mouse over it, they can see what’s happening. DAVID J. MALAN: Yeah,
so a couple of reasons. If you hover over the image you can
actually see some descriptive text. So like Handsome Dan
here, like Yale’s mascot. If the user has trouble
seeing or is blind, you might need a screen
reader to actually tell you what it is that’s on
the screen, and it’s not obvious from dan.jpeg
what that could be, but if you have this
alternative text, a computer can recite verbally Handsome
Dan, which might then jog the person’s memory as to what
it is that actually on the screen. Or if you have a really
slow internet connection, sometimes you’ll see a
placeholder for an image that just says what it is before
the image actually downloads. So being mindful of
these kinds of things will just make, ultimately,
your websites more accessible, and indeed if I go to this one now
and go into my source6 directory where we have even more examples
at our disposal and go to Image 6, here is their adorable Handsome
Dan as of this past year. So there’s an image. We can kind of do funky
things now with nesting. So this is not all that interesting
because it doesn’t go anywhere, but I could just combine these ideas. I could do a href=http://www.yale.edu
or, because I don’t want the user to bother getting redirected,
I could just proactively make it secure because I know Yale
supports that per earlier, and I can nest these tags like this. Now if I go here, reload,
it still looks the same but notice my cursor changes to like a
pointer, and if indeed I click on that, now the image leads to Yale’s web
site, but I skimmed over something. One of these is not like the other. What detail have I
kind of not mentioned? Yeah. AUDIENCE: The image file
closes within itself. DAVID J. MALAN: Yeah, the image tag
kind of closes in and of itself, and so there are some of
these anomalies within HTML where there really isn’t a notion
of, like, start doing something and then eventually
stop doing something. Like, an image is either
there or it’s not. Like, you can’t kind of put
something in between it conceptually, and so some of these tags in
HTML are what are called empty. Like, they should not have
anything after the open tag or before the close tag. So if you wanted to be really sort
of precise you could say this, but you should not put
anything where my cursor now is because it would make no sense to
try to put something inside of an image, but this is just kind of lame to
have this unnecessary verboseness. So you can just put the slash in
there and technically in HTML5 you don’t even need the slash in
this case, but at least this way, and I think for pedagogical purposes,
doing it, even for empty tags, makes sure and makes more clear
visually, when and that your tags are balanced. So that’s the only
anomaly there and then there’s bunches of others which we
can fly through really quickly here. So if I go back to our examples
here, I whipped up headings.html. So if you want to do
something like this if you’re writing like a book or a website
that has like chapters and sections and subsections and so
forth, HTML lets you easily format things as big and
bold, slightly smaller and bold, slightly smaller and bold, and so
forth by using the h1 through h6 tags. So if I go into headings, this
is how I made this web page. I simply have h1, h2, h3, h4
opened and closed and that’s it. So any time you’re reading
some kind of online text, odds are they’re using one or more
of these tags to format the page. If we look at another example in here,
we have something like list.html. Lists are not uncommon on the internet,
you’ll never believe number three, and here’s how you might do something
with a bulleted list by just marking up three words– foo, bar and baz– and the HTML for this,
if I open up list.html, simply looks a little more verbose
in that we need a parent element so to speak, borrowing
our tree terminology, but here we have an unordered
list, or ul, each of which has one or more list
items, or li, each of which open and close foo, bar and baz. And if I really want it
numbered, I can also do this. I can change unordered list to ordered
list, ol, reload and now the browser figures out the numbering for me,
which is nice if you have lots of data and you don’t want to deal with
actually laying it out yourself. Meanwhile, we can go one or two
steps further before we actually get to something functional. Here is kind of the
most complicated of all, but it too just kind of
tells the browser what to do. So before we look at the result, this
says, hey browser, here comes a table, like tabular data. Rows and columns like Excel
or Google Spreadsheets. Hey browser, here comes
a table row, or tr. Hey browser, within that row,
here comes some table data, a.k.a. a cell or column. Here comes another cell. Here comes another cell. So that’s one, two,
three cells in a row. Hey browser, here
comes three more cells. Hey browser, here
comes three more cells. Hey browser, here comes three
more cells and if we actually render this in the browser, you can
see the layout of a sort of old school phone pad on your phone. It’s not very pretty, it’s
not very well formatted, but if we zoom in you really do see
that it is lined up in rows and columns as I sort of verbally implied, but
this is all very kind of underwhelming. Like, Google is cool
because you can go to it and you can actually search for cats
and find lots of cats on the internet, but how is it that this actually works? So, aww, bad news today. OK, so we’ll just zoom in on this one. OK, so let’s try to focus
on the pedagogy here– of cats– as follows. Let me go ahead and focus on really the
URL, which is kind of long and cryptic, but let me just throw away honestly
anything that kind of looks confusing or I don’t understand. I have no idea what source means
so I’m going to get rid of that. I have no idea what
the rest of this means. I’m going to get rid of that and I’m
going to try to distill– granted, with some foresight because I
knew how Google works here– I changed the URL to something
much, much, much simpler. Cats,f where it’s
www.google.com/search?q=cats. It seems that, somehow or
other, Google’s behavior is controlled by information
that’s conveyed in the URL, and it’s not just that I’m searching. It’s that I’m searching for cats. So in fact, on a whim, I’m going
to search for dogs instead and hit Enter, and indeed a few things change. We have all these dog images
appear here on the right. We have the text
pre-populated up here and we can search for any
number of other things here, like Harvard
Yale prank 2004, Enter, and there you have a Wikipedia
article on the video we saw earlier. So it seems that you can
parameterize the behavior of Google just by understanding
how this URL works. So here is kind of the path
that’s being requested, the file or folder or whatever that is. A question mark says, hey
browser, or hey server, rather, here come some HTTP parameters. Some inputs from a human who’s either
filled out a form or apparently is kind of hacking the URL bar here,
and then the name of the parameter comes next. q, meaning query, and this
is what Larry and Sergey decided years ago for their search
box, an equals sign, and then whatever it
is the human typed in. Now it got a little funky here quickly. Now you see %20. That is the web’s way
of encoding a space so that it’s not a physical space,
it’s all one contiguous string. So it’s just one contiguous string for
the server to actually look at or read, and so why is this useful? Well it turns out I can
leverage this information and kind of implement my
own Google pretty easily. Let me go ahead and go into search.html,
one of the other examples I whipped up, and you’ll see another tag all together. Inside of the body of this
page is an HTML form tag, and the form tag takes a
couple of attributes I know. One is action, which
is the URL to which you want to send the form’s
information, and the other is the method that you want to use. Now it’s a little inconsistently
lowercased here just because, but we did see that verb before. Where? Where did we see this verb? This was like the somewhat arcane
message that was going, supposedly, inside one of these envelopes when
we said GET in all caps /http1.1 and so forth. So it seems that if you
want, as the web developer, to create an HTML form that has text
boxes and maybe checkboxes and dropdown menus and so forth that submits its
information when the user clicks Enter or a button to this address, and you
want it to go inside of a virtual envelope using that GET verb, you
literally just say method=GET. And then down here I seem to have
two inputs, one of whose names is q, the type of which is a
text box, and the other of which is a submit type, whatever that
is, the value of which is search. Now you would only know what these
things mean by seeing them demoed or looking at some online reference, but
if we pull this up to see the results we have a super simple– and I’ll zoom in– very, very simple
version of Google, right? It don’t even have the logo, but it does
have, I claim, all of the functionality because watch what happens if I type in,
for instance, whoops, birds and click Search. Oh my god, I implemented Google
with just like 15 lines of code, but not really, right? Like, I’ve implemented
the front end of Google, which I got to start Googling
these things in advance OK, uh, these are very sad stories. [STUDENTS LAUGH AT MORBID NEWS
HEADLINES] DAVID J. MALAN: OK, so the point though
is, the point– look up, look up. The point is that the
URL is what I generated. So using those HTML tags coupled
with the human’s cooperation and actually clicking
a button did I then generate this URL, whisk
the user away from the IDE to google.com, where Google
is handling the back end, like all of the hard work,
actually checking their database, rendering the HTML, but
I made the front end, the user interface via which you can
actually interact with Google’s search engine there. And it boils down to just
these basic heuristics, but of course this is a pretty
ugly search engine, right? Black and white text box, a
gray button and that’s it. Like, even Google, simple though it
is, has a little bit of style and color to it and things are centered
and kind of spaced differently. So there’s an art to this
ultimately and indeed being a web designer in
itself is a profession and in fact, you’ll find in
industry that some people are good at front end design. Some people are bad at it. I’m among the ones worse. Like, my web pages look like that
search box just a moment ago, but some people really prefer the
non-graphical stuff, the back-end, the database stuff, and indeed one of
the takeaways over the next few weeks will be for you to figure out for
yourselves if you like any of this at all certainly, but also
like what your preferences are. And you might hear terms
in industry these days like front-end developer,
back-end developer. That just means do you work on what
the user sees in their browser or app or do you work on the back-end,
the database stuff that’s really important and
sometimes quite difficult, but that the user doesn’t
interact with directly. Or are you a full-stack
developer, which means you just do all of this, which
all of you from CS50 are effectively, albeit after just
one or so semesters of background. So how do we start, though,
to make things prettier? Well it turns out that HTML, for the
most part, is just a markup language. It’s for structuring a web page
and semantically tagging things, and by semantically
tagging things I mean like, hey browser, here’s
the head of my page and that’s a concept, semantically. Hey browser, here’s the body
of my page, and that too is a concept, semantically. I didn’t say anything about bold
facing or font size or colors or all this stuff that’s important
for a good user experience, or UX, but that can be decoupled
from HTML, and in fact, one of the challenges as you
learn HTML for the first time is to try to make your way through
various online resources and references will sometimes combine these ideas. So, again, today we’ll focus not just
on correctness, getting things to work, but design as well. So here, for instance,
is a super simple web page for someone named
John Harvard that has a header and a main part and a footer,
and header is distinct from head. It’s sort of poorly named here. Head of the web page is just the tab
bar and other such things up top, but semantically you might have
a page with like three parts. Like the header, like the title
on the body of the page itself, like the main part where
the actual contents are, and then a footer like a copyright
symbol or something like that. So this might be a general
division of a page, but notice I’ve styled
it a little differently. Let me go ahead and open this up in
a browser as I did just a moment ago and go to, sorry, I’m going back
through my entire internet history here. Let’s go ahead and open this up
just as we did before at this URL so that we can go ahead
and open up CSS0.html. Notice that, oh, this is already
marginally better than the pages we’ve looked at before if only because
it’s centered, which is a step forward from everything just being left. The first line is a little bigger. The second line is kind of medium
and the bottom line is the smallest. So there’s a little bit of style
here, but not all that much. So how did I actually do this? Well take a look at the code here. I have added, now, a style
attribute to several of my tags. So the header, the main
and the footer really aren’t styled in any specific way. They’re just a way of
telling the browser this is the important stuff
for the title, this is the important stuff
for the main part, this is the important
stuff for the footer, but the stylization or aesthetics
come from this yellow text here, thanks to the IDE
syntax highlighting it, and notice this text
follows a different pattern. Up until now, we’ve been using
angled brackets and words and equals signs and quotes. Now, inside of those quotes,
we also have another pattern when you’re using this second
of two languages today, CSS. fontsize:large is the stylization for
this particular element’s content. Text align should be center. These are two CSS properties. CSS, cascading style sheets, and
we’ll see what that means in a moment, but this is just how you configure
the style of those elements, and indeed that’s why one is a little
bigger and then a little smaller and then even smaller because, notice,
I did fontsize:large, fontsize:medium, fontsize:small. All right, but as we’ve often done,
let’s iteratively improve upon this. Even if you’ve never
seen HTML or CSS before, there’s some poor design
manifest in this simple example. What might you say seems wrong or
seems a little copy paste-like? Yeah. AUDIENCE: They’re all
centered [INAUDIBLE].. DAVID J. MALAN: Yeah,
they’re all centered and I literally like copied and pasted
that CSS property, its key value pair, its name and
value, again and again and again, but remember
the hierarchy of HTML and the DOM, Document Object Model,
the tree we drew a little bit ago. All of these elements–
header, main, and footer– have a parent element called what? AUDIENCE: Body. DAVID J. MALAN: Yeah, body. So one level higher,
which is indented this way or in the tree is higher up in that
family tree-like drawing, all of these are children of body. So why don’t I just move or
factor out text align center into the elements above it? And herein lies the cascading of CSS. Cascading style sheets means that
if you have a property up here, it will cascade down to all of the
children and descendants below it and it means another thing, too. You can even override
these properties somehow, but we’ll see that before long. So if I go ahead now
and open up CSS1.html, notice that I did
exactly that improvement. The code’s a little tighter now. It’s fewer characters,
easier to maintain because now if I want to change
it to left or right or center, I change it one place, not three. And so this is kind of consistent with
some of our design takeaways from C and indeed, if I visit this page,
CSS1.html, it looks the same, but it’s better design
underneath the hood. But we can do a little better still. If I open up CSS2.html,
notice that I’ve done this. I rather like this design now
because it’s even more succinct. I’m not using the style
attribute anymore. I’m using a different
attribute called class, and class is kind of a way to define– much like a struct in C lets you define
your own data types, a class in CSS allows you to define a name for
a whole bunch of properties, and so here I just said let’s call
this class large, medium, and small, and I don’t know what
those mean, and frankly I might be working with a friend
who’s much better at design than I am so I’m going to let him or
her actually define these meanings. I’m just going to kind of tag
things in this way semantically, but if we scroll up in this file, you’ll
see that for now I have no such friend, and so I implemented it myself,
and here’s, for the first time, one other thing in the head of the page. Up until now, we’ve just had
the title, but it turns out you can have a style tag. Not just an attribute, but
a style tag inside of which, it’s a little cryptic at first glance,
but there’s some pattern here, clearly. You have all of those properties,
but the new syntax here is that if you want to define
a word called centered, you literally do a period
and then the word centered. If you want a word like
large, you say .large. So it’s similar in spirit, though not
quite the same as like typedef in C, but you say .center,
.large, .medium, .small. You use our old friends curly braces,
which we will only see in CSS, and this just defines
one or more properties to be associated with that new keyword. And so, if we scroll
down here to the bottom, you’ll see that I centered the body. I made large the head, medium
the main, and small the footer, and the result is going
to be exactly the same. Very underwhelming, but
again, marginally better design because now we are just one
step away of really improving this. If I do finally have
that friend, it’s not going to be very easy to
collaborate, ultimately, if we’re both working on the
same file and moreover, it seems unnecessary to
introduce these semantics. Like, why do I have to have tags
like header and main and footer and classes called large and
medium and small and centered? Like, why don’t I leverage the
names of these tags themselves? And this is where HTML
can be pretty powerful. Notice I’ve simplified
some of my CSS up top. I’ve dropped the period,
which was like typedef. Like, give me something called large,
give me something called medium. Now I’m just saying literally a word,
but those words are identical to what? AUDIENCE: The tags. DAVID J. MALAN: The tags themselves. So preexisting tags, if I just
mention them by name without a period, which gives me a new name– I just mention the body, the
header, the main and footer, and then, inside of the curly
braces, define my properties, now I can just stylize the actual
tags as they exist in my page, and this now looks like really
readable, maintainable HTML. There is no aesthetics associated
with the markup language here, but rather there’s useful tag
names that come with HTML– you can’t just make up your own tags. They’re in, sort of, the documentation,
but now it’s just much more readable, and this might look different on my
phone or your phone or your laptop, but my friend who’s good at
stylization can figure out how to style all of these things, and
better yet, he or she doesn’t even need my file. In the fifth example here,
notice that’s it for the page. We’ve gotten rid of the big style tag
and replaced it apparently with what? AUDIENCE: Href, a link? DAVID J. MALAN: Yeah, link href,
which is a horrible, horrible name because it’s not like a link
in the page and hyperreference was already used for a link in a page,
but this is what we’re stuck with. This just says, hey browser,
include this CSS file that is elsewhere on the server. The name of this file
is arbitrarily CSS4.css because this is our fifth
example here– zero index. The relationship of
this file to this page is that it’s a style sheet, which is
just a list of aesthetics or properties that should characterize its layout
and indeed, if I open up CSS4.css, I just copied and pasted
everything in there, but this is nice now in
principle, even though we’re just creating work for ourselves
today, because now I can share this file with someone else. He or she can work on it on their own. Then we can merge our work together
because my work’s in the HTML file. Their work’s in the CSS file. Better still, if we’re making a whole
website that has a dozen pages or 100 pages, consider this. Just like in a C header
file, I can include bitmap.h in all sorts of programs. Similarly can I include
CS4.css in all of my web pages. So if I want to change the
font size or the layout or whatever in all of my website
all at once, I change in one place, not in every darn web page that might
have been created by me or by someone else, and so there’s just that
maintainability to it too, but we can do even better than
that because even the CSS we’re looking at here is only so
good, and what’s really nice is if we go to bootstrap– let
Google tell me where to go. We’re safe. OK, so Bootstrap is a library–
formerly from Twitter, now a much larger community– that’s
a whole bunch of CSS libraries. So just as in C, we have code and
functions that other people wrote. So in the world of web
development do we have code that other people wrote and we
use that for JavaScript and Python, but even for aesthetics are
there sites like Bootstrap and other popular things that
allow us to make our sites prettier and build them more quickly
without having to reinvent wheels. So for instance, if I go down to let’s
say Content and I go to Typography and skim through here, you’ll
indeed see like h1, h2 and h3, but if you want things even bigger than
that there’s like a display heading. There’s this fancy version,
which has a fancy display heading with some faded secondary text. So pretty marginal, but I don’t have to
figure out how to do that now myself. If I want to actually have tables,
I can do much prettier tables than I did with my little old
school phone pad a moment ago. Like I can make things different colors. I can shade the columns like this and
in fact, you can do even fancier things. If I go ahead and open
up a web page and go to our big board for
speller.cs50.net, you’ll see that this is a pretty good
looking table as tables go. Certainly much better than
the one before, but that’s because we’re using
the Bootstrap library, and even more compelling
than the aesthetics are that suppose that you visit
speller.cs50.net on your phone, it starts to get pretty ugly
once your window gets smaller, but notice stuff can
just disappear magically when you’re on a mobile
device or, in this case, simulating it by using just
a smaller browser window. So using CSS and the aesthetic
power that it provides, we can also dynamically change our
files to just render differently on different devices, and then
lastly, let me open up, for instance, this under Components. This is where the really juicy stuff is. If you want fancy alerts to yell at
the user or say everything is OK, you get nice little
colored boxes like this. The forms are much prettier. I mean, already this looks much
more like the web you and I use and not the mess of a form
that I created a moment ago and long story short,
just like in C it’s pretty easy to include these things
in your own site, so can I do this. Let me go ahead and open up
form0.html, and this is literally an approximation of the very
first web application I made, even before web application
was a phrase, in 1997. I had taken CS50 and CS51. I hadn’t learned web stuff at the time. I just kind of taught
it to myself and learned from some friends and
the first thing I did was build an interactive website
via which first years could register for intramural sports because literally
that year in 1996 it was paper-based. You’d walk across the yard, open
up Wigglesworth, one of the dorms, slide a piece of paper–
old school– under the door and you were registered for a sport. We could do better even in 1997,
and so we did it with the web, and so this form0 back in the day looked
a little something ugly like this, but there’s a text box where
you could type in your name and then there’s the dorm
where you could select Matthew. So I could actually do David Malan
and Matthews and then click Register, but we don’t yet have the
ability to make backbends yet. So this form goes nowhere
for today, but you at least get these kinds of aesthetics, which
are kind of 1997 aesthetics, literally. But if we go into this
other example, form1.html, it looks pretty, pretty better now. It’s maybe a little big in retrospect,
looking at the display font, but all I’ve done is now use this
Bootstrap library, and notice, it’s a little hard to see
on the projector here, but everything’s kind
of like nicely outlined. There’s like Mark Zuckerberg
sample text there which we can override by actually typing
in our own email address here. We have a prettier looking box, a
prettier looking button, and that’s just because if we
open up, as down here, form1.html, notice that
in addition to my HTML down below and in addition
to a couple of other things that I’ve added to make things
more mobile-friendly in particular, I just added this. I read the documentation
on getbootstrap.com and I went ahead and added
Bootstrap’s library to my own code in order to have access
to its actual features, and then down here, it’s a little
overwhelming at first glance, but I just followed the directions. There’s something called div in
HTML for a division of the page. It means give me this
invisible rectangular region. The class I associated with
it is called form group. I didn’t make this word up. This comes from Bootstrap. I just did what they told me to do. I then have a label, which
makes things more accessible and you can click in different places. I have another class here
but long story short, I just read the documentation
because I know what tags are, I know what attributes are. I know a little bit of CSS
now and I know how HTTP works, and so really I have enough building
blocks in order to work on this myself. So that then is CSS and there’s one
last detail I thought I’d show us here. In all of these John Harvard
examples, as in just a moment ago, we had something like
this at the very bottom. This {} ampersand #169;. What was that rendering as, if
you notice, in the web page? AUDIENCE: Copyright. DAVID J. MALAN: Yeah,
the copyright symbol. There is, on my US keyboard,
no copyright symbol. So you need kind of a
pattern of characters with which to represent those in HTML. So just like we have /n and other
special escape characters in C, you have what are called HTML entities
in HTML that you would only know from reading the documentation, but
that’s the copyright symbol, but I thought it was rather timely to
point that out because just yesterday or this morning, Apple announced that
with the very new version of iOS that you can soon download, they added even
more damn Emojis to the Emoji character set. So these are certainly
in vogue these days and not only do we see, now, a way to
represent special characters that you couldn’t otherwise type using
HTML, it turns out all this time that Emojis are actually
just characters, chars, but they’re not 8 bits. Recall that C as we’ve
been using it uses ASCII, which uses only 7 or 8
bits total and Emojis, my god. There’s so many of them right
now and we need more than 8 bits to represent them, and thus was
born something called Unicode. Well, that is not why
Unicode was invented, but this is what Unicode is now being
used for because these emojis are simply like ASCII characters but
multiple bytes, generally two bytes, maybe three bytes, and in
fact, if you go on unicode.org, you can see that if the number in hex
1F600 represents the grinning face, which happens to be implemented
differently by different companies on different devices,
but if in closing here, I open up this same file and I change
this to 1F600 in hex, 1-F-6-0-0, save, and I go back to my browser
and I go back to CSS0, now we have a very
happy web page for you. So that’s it for today. I’ll stick around for questions
and we’ll see you next time.

Leave a Reply

Your email address will not be published. Required fields are marked *