I have this web development course(on the university), and we are not allowed to use javascript. Only php, html and css. FML

I personally think the basic functions of a website should work without Javascript. For anything relevant to security you can't use it. And those Frameworks are mostly big and slow.

@Shiggy just for button presses on a slider or similar you'll need JavaScript. Unless you want to do some really fucky CSS which won't work very well

@JamieBohanna Well it's slower than not having a virtual dom.

@Shiggy @JamieBohanna Vue is 20kb in production with similar power as React.
For backend, passport.js supports oauth 2, also allows you add Facebook and Google authentication quite easily.
Anything can be good, if you choose the right tools for the right task.

@joas slower than not having a virtual DOM?
The entire reason for virtual DOM to exist is DOM manipulation is really slow. That's why jQuery is slow.
By only updating the absolutely minimal DOM components, it helps browser to improve rendering speed, not reduce😒

@sunfishcc I was joking about having static pages with no abstractions DOM and loading times. There's definitely use for JS and frameworks (fan of Vue.js btw) in modern web development. But like @Shiggy said, basic webpages should work without JS.

What about ajax? If I had to go page by page for everything, the UX would be horrible. Maybe I'm overthinking things.

@Shiggy don't rely on your is for security. I validate in is, then validate and sanitize in my php.

@joas is it possible set post header in a pure HTML form?
How to send authentication token then?
I might learn something here, but I really don't know.

@sunfishcc You can send POST data in a HTML form. Sure. Just method="POST".

@sunfishcc You cannot send custom HTTP headers, but there shouldn't be any need if you process the request with your own PHP code anyway.

@joas googled oauth without js, seems impossible 🤔

@sunfishcc You can do it on backend.

@joas then what's the point?

Thats where I started ... Nothing bad

I'd agree with others here in that JS can be so easy to abuse and misuse that its probably better to hold off a bit, but from the perspective of "the modern web" javascript is huge. I guess it more comes down to what the focus of the course is on, if its basic web stuff then that seems fine, but if its more about modern/new tech then it would be crazy to exclude it. There's entire stacks in JS now, and the historical issues have been largely mitigated if you follow good practices