The Project

The Open Course Project is an Open Source system designed to improve many aspects of course registration and lookup at Christopher Newport University.

Source code for this website is hosted at https://github.com/OpenCourseProject/OpenCourse. If you're interested in contributing to the project by submitting code, filing bug reports, or suggesting improvements, your support is greatly appreciated!

This project is maintained by Adam Fendley and is unaffiliated with CNU or any specific university.

Philosophy

Through official University locations such as CNU Live and Schedule of Courses as well as third-party websites such as RateMyProfessor, Amazon, Chegg, and others, there are many different sources students use to plan their schedules each semester. The goal of this website is to provide a centralized location for all course-related information at CNU, merging data from all these sources into a single, simple website that meets today's Internet standards.

CNU has done a great job with their registration services. There are no glaring issues that exist that constantly cause problems for students. The systems that power these sites are clearly well-kept, and the school is to be commended for this. OpenCourse is not here to replace or to "fix" any problems whatsoever. The goal of the project is to make small changes, present data in a more user-friendly way, and to offer additional methods of browsing and planning.

With this in mind, a lot of careful development has been done to ensure that these two distinct systems stay seperate. This website does not offer any registration services nor does it attempt to subvert or replace any functionality of CNU Live. Because data is automatically scraped from various sources to populate this website, it could be temporarily out of date at any time. Furthermore, there's no budget for this project; everything that you see is volunteer work. There is always the possibility that something breaks and isn't noticed. Please use this resource for its intended purpose: planning, researching, and as a supplement to official University systems. Do not entrust your semester to any one non-CNU website, ever.

Privacy

When using a third-party system such as this one, privacy of your personal information is an important topic.

Personal Information

We believe that no more data than absolutely necessary should be collected at all, a reason you would never be asked for your student ID or anything similar. The following is the only personal information is collected by using this site:

  • Email address
    • This information is used to identify your account on the site. Logging in with your CNU-provided Google account is an easier process than creating a new account specifically for this website, so it is used as a means of identification.
    • You will only recieve email communications from using this site if you choose to opt-in to updates about a course or if an important announcement needs to be made, though this is rare. Additionally, if you report a bug or suggest an improvement we might follow-up with you via email.
    • Your email address is never shared.
  • First and Last name
    • This information is included in your email address and is used to personalize information on site pages, especially on your schedule that you share with others.
    • Name information is reported by your Google account and can be changed by editing your personal information on the Google account page.
    • Your name is only shared with those who you send your schedule.
User Content

Content can also be provided by you to improve your experience. This could include adding your Learning Community for display on your schedule, inputting your courses for a term, linking your Facebook account to show friends in your classes, and so on.

This content is shared at your discretion, and you control how it is sent. Your content, while not considered "secret" by man, is still "private" and should be kept that way. Content you provide is only viewed as necessary to fix problems with or improve the service, especially when reported by a user. In some cases to improve the service this content may be analyzed on an anonymized basis, such as counting how many courses have been scheduled by all users on the site to determine if the database needs to be upgraded.

Automatic Information

In addition to information related to your account, there is a minor amount of data that is automatically generated when you use the service. This specifically includes log files, which are generated by the web server to keep track of pages which are visited and errors that occur. Log files contain records such as the web request, IP (Internet Protocol) address it is sent from, browser type, and similar information.

Analyzing these files helps to understand the popularity of certain features as well as where problems are occuring for users. These files are never shared with anyone and are archived after several days.

Security

Security is one of the most important goals of this project. Not all people are concerned about the privacy of their schedule information, but for those who are it's been made a priority. Here are some details of what has been done to protect personal information:

  • No accounts are created on this site. When you login with your CNU account, you are using Google's OAuth systems which give information about your account, like your email address, to the site but never your password or any other personal information from CNU Live. Logging in with your CNU account to this site does not give it access to act on your behalf in any way.
  • The site is encrypted with an industry-standard certificate. The lock icon in the upper left-hand corner of your URL bar will confirm that this site is using SSL/TLS to restrict visibility to you and only you. The information that you enter on this site and any data you get back is unreadable even to eavesdroppers. The certificate used has an A rating on SSL Labs.
  • Development has been done to follow OWASP standards. To ensure the security of all the systems used to make this site work, careful considerations of OWASP principles have been made. This helps ensure safety in the face of both real and potential risks.
  • The source code is open. Aside from private keys used to communicate with third-parties such as Google and Facebook, none of the code that runs this website is proprietary. If you come across a vulnerability or a problem in the code that has security implications, please email me.

Extensibility

Though the goal of this project focuses completely on CNU, the framework that has been created could apply to many universities. In order to populate the site with information from a different source, the custom management commands would need to be rewired to fetch from another location. Some other discrepancies could exist in how courses are labled, but a lot of the work is written to be generic.

If anyone has a plan to use the project in a new way, I'd love to know about it!