Full-Stack Web Development Glossary

A set of rules and protocols that allows different software applications to communicate with each other by defining endpoints and data formats for requests and responses.

The process of verifying the identity of a user or system, typically through credentials such as username/password, tokens, or biometrics.

The process of determining what actions or resources an authenticated user is permitted to access, often implemented through roles and permissions.

The server-side portion of a web application responsible for business logic, database interactions, authentication, and API endpoints that the front end consumes.

A temporary storage layer that holds frequently accessed data to reduce database queries and API calls, improving application performance and response times.

Continuous Integration and Continuous Deployment. Automated practices for building, testing, and deploying code changes to production environments.

A browser security mechanism that controls which external domains can access resources on a web server, configured through HTTP response headers.

Create, Read, Update, Delete. The four basic operations performed on persistent data, corresponding to HTTP methods POST, GET, PUT/PATCH, and DELETE.

A stylesheet language used to describe the visual presentation of HTML documents, controlling layout, colors, typography, animations, and responsive behavior.

A platform that uses containerization to package applications with all their dependencies into portable, isolated units called containers that run consistently across environments.

A tree-structured programming interface representing an HTML or XML document, allowing JavaScript to read, modify, add, and delete elements and content dynamically.

A specific URL in a web API where a client can send requests to interact with server resources, typically associated with a specific HTTP method and resource.

The client-side portion of a web application that users interact with directly, built with HTML, CSS, and JavaScript and rendered in the web browser.

A distributed version control system for tracking changes in source code, supporting branching, merging, and collaborative development through platforms like GitHub and GitLab.

A query language and runtime for APIs that allows clients to request exactly the data they need from a single endpoint, avoiding over-fetching and under-fetching common in REST.

HyperText Transfer Protocol (Secure). The foundational protocol for data communication on the web, defining how messages are formatted and transmitted between clients and servers.

A high-level, dynamically typed programming language that runs in browsers and on servers (via Node.js), essential for interactive web pages, SPAs, and full-stack development.

A compact, self-contained token format consisting of a header, payload, and signature, used for securely transmitting authentication and authorization data between parties.

Functions that execute during the request-response cycle in a web server, performing tasks like authentication, logging, error handling, and request parsing before the final handler.

A server-side JavaScript runtime built on Chrome's V8 engine, using an event-driven, non-blocking I/O model suited for building scalable network applications and APIs.

A technique that maps database tables to programming language objects, enabling developers to perform database operations using native language constructs instead of raw SQL.

A JavaScript library developed by Meta for building user interfaces using a component-based architecture and a virtual DOM for efficient rendering of dynamic content.

An architectural style for web APIs that uses standard HTTP methods to perform stateless operations on resources, with each resource identified by a unique URL.

A domain-specific language used to manage and query relational databases, supporting operations like SELECT, INSERT, UPDATE, DELETE, and JOIN across tables.

A communication protocol providing persistent, full-duplex connections between client and server over a single TCP connection, enabling real-time data exchange without repeated HTTP requests.