Hide menu

Questions & Answers


Here, we gradually place the common questions with answers which we get from you.

  • Is it a requirement to do the labs in groups?
    No, though we strongly recommend it. Statistically speaking, those who worked in groups have shown to be more successful in finishing the course on time. Some advantages in working in groups are as following:
    • exercising your teamworking skills.
    • having more man-hours to spend on the assignments.
    • having discussions when facing problems on the way.
  • Is it allowed to use JQuery?

    No, it is not allowed. The main reason behind it is to have the chance to work more with the Javascript language itself.
    Note: In case of using a CSS library, e.g. Bootstrap, in the project, JQuery shall be used in the background which is an exception from the above requirement.

  • At what level the profile page, shown when the user is loggedin, needs to be styled?

    There shall be a well thought layout using html and css. No table shall be used for styling. The element "table" shall be used only when a table needs to be shown. The tabular presentation shall be also implemented as described in the lab instructions. There is no requirement as "beautiful design" but the whole design needs to well-thought, user-friendly and presentable.

  • How can we install Flask?

    For installing Flask you need to use 'pip install flask' just like installing other libraries in Python. There is a link in the "Labs" page which leads you to Flask documentation which includes instructions for installing Flask, how to get started with it, a complete documentation and code snippets:
    http://flask.pocoo.org/

  • Is it a requirement to use HTTP status codes in lab 2?

    No, it is not a requirement as explained in the lab instructions.

  • Am I required to test my implementation in different browsers?

    Yes and No! Yes as it is always a good idea to test your solution in different browsers. No as you shall require to run your web-app in one major browser during the presentation. Though, as instructed the HTML/CSS code shall validate.

  • Can I use SQLAlchemy or any other ORM in my solution for lab 2?

    Yes, you can! Discuss it with your lab assistant to find the best approach.

  • Can I use MongoDB or any other database solution?

    Yes, you can though getting help is NOT guaranteed.

  • Is it a good idea to send the token or the password as part of the URL?

    No, not at all as they can be saved in the browser if the page is bookmarked by the user!

  • Is it a requirement not to use the tables at all?

    No, The tables can be used for showing tabular data BUT it is NOT allowed to use tables for doing layout.

  • In the project, alternative 5, part 2, Do we need to protect the token when sent for the first time to the client after authentication is successfully done?

    No. This part is about protecting the token after the user was authenticated and the token was delivered to the client. So we assume that the token shall be transferred to the client ONCE without applying the measurements required in part 2.

  • In the project, alternative 9, is it possible to update the required UI measurements in lab 1?

    Yes. If lab one is already presented then you can update the measurements and the styling in favor of better looking and working design in the project.

  • In the project, alternative 1, is it allowed to do custom visualization using HTML5 canvas?

    Yes. If you have any certain way of data visualization in mind, discuss it with Sahand before getting started. It is important that your suggested solution is enough and at the same time reasonable.

  • In the project, alternative 1, is it a requirement to do singlecasts as well as broadcasts?

    No. as there is no explicit requirement that there must be single-casts. Yes. as IF NEEDED then there shall be single-casts. I would say this generally depends on the field which is going to be visualized. If the data which is going to be sent is only targeted and for one single user then it shall only be single-cast to that specific user. If the data is useful for every user who is online then it shall be broadcast to everyone.

  • In the project, alternative 5, is it possible to add SSL to our web application as/instead of the second part?

    Yes. That you can do. Please have in mind that you shall be able to present your work completely in the end.

  • In the project, alternative 5, is there any specific hashing algorithm which needs to be used?

    No. You can use any of popular hash algorithms like MD5 or SHA. See the following article:
    https://kl2217.wordpress.com/2011/07/21/common-hashing-algorithms/

  • How much code documentation is needed for grade 5? Is it needed to document both client-side and server-side code?

    Yes. But you only need to document the code that you have added in the project, including HTML/CSS/Javascript/Python, though more is recommended if there's time. The documentation needs to be clear and descriptive letting your teacher and other possible developers understand your solution well. See the following artcile:
    https://medium.freecodecamp.org/code-comments-the-good-the-bad-and-the-ugly-be9cc65fbf83

  • In the project, alternative 5 - part 2, is it the token, private key, which is going to be hashed or it is going to be used to hash something else, as a salt?

    In general both can be applied, but in this assignment as the token is the only critical data that we hide as well, user's identify, then it shall be hashed itself. As it is unique then it's hash shall be unique as well. If we salt with other parameteres then it's going to be unique for every request:

    Hash(token) -> hash which is unique for each client but the same in all the requests sent by a client.


    Hash(token + par1 + par2) -> hash which is unique in each request sent by any client. This is what we are after!

    See the email sentout about this or check the following:
    Basics of Hashing Tokens

  • In lab 3, step 2, from gevent.wsgi import WSGIServer returns the error "no module named wsgi". Am I doing something wrong?

    The name gevent.wsgi has recently been changed to gevent.pywsgi which is not reflected in the example code available on the Flask homepage. Using gevent.pywsgi instead shall solve the issue.

  • Is it allowed to use Fetch API instead of XMLHttpRequest?

    Yes, it is.



Page responsible: Sahand Sadjadee
Last updated: 2023-01-09