For some time all the side projects I’ve been working on are based in the cloud, on either Amazon Web Services or Google Cloud. Both of them offer similar products in terms of what I usually. Also, their core cloud components are not that different, with AWS having way more extras. Despite the increase productivity when utilizing cloud, I noticed there is one thing I waste countless hours on. Crafting user interface and setting it up as a separate application takes definitely too much time for me. If my statement raised your eyebrow, let me explain what exactly my problem is.
Unfortunately, even though the benefits of having a separate interface are theoretically superior to downsides, in practice the latter can cause a huge pain. The reason is an application running in a browser is not the same as application running on a server. It actually lives in a sandbox environment with heavy security restrictions, which make interacting with it an obstacle course.
The problem I have to handle the most often is Cross-Origin Resource Sharing, a.k.a. CORS. This is a mechanism implemented in all the browsers that ensures that your HTTP calls to external services are actually allowed. Before making an actual GET, POST or DELETE operation to a service, browser makes an OPTION request, asking whether the current domain is actually allowed to make REST calls from the browser to the service. It’s rather easy to understand how it works, and all the HTTP frameworks and toolkits provide at least some integration, but I tend to forget about it when first deploying my backend services. Then, when I deploy frontend I have to go back to the target service and add the CORS layer, just for the compatibility. It’s an additional step that doesn’t provide any value for the users of my service, adding one more thing on a list of stuff to remember.
Another problem is the lack of SSL encryption by default in S3 and Cloud Storage, which are the most convenient way to serve these applications. In Amazon Web Services you can overcome that limitation with pushing your S3 directory to CloudFront CDN, but it’s still one more step to handle. Especially when you have to remember to invalidate the old version when you update the application. Alternatives like hosting your own HTTP server make no sense - my only requirement is serving files, I don’t want to care about hosting and scaling another service. Again, these solutions add more complexity and require more actions of me, without providing any particular benefit for the customer.
The solution is not perfect, but it does it’s job. I’m still thinking about better solution, but at this moment I am not sure whether I will be able to come up with something that won’t be a dedicated service.comments powered by Disqus