I actually just used this rewrites feature over the weekend, to proxy requests to a Flask API I created in the /api folder. This is pretty sleek

That looks pretty handy, is there a way to containerize that rewrites call so you still have your website's header on that page? Might be better if you can so that user doesn't have to use the back button before navigating to another page on your site.

Vercel puts limit on how many rewrites are available in project, so have to check it first before deploying there. On the other hand, middleware rewrites are unlimited

I learned about proxy in Next when i needed to fetch data from IGDB, found it pretty useful but I wonder what's up with all the security stuff

Can I use this for some kind of multi tenantcy app for my nextjs?

I finally made it first again 👸🏽 love ya! Great job!!!

This is dope, do you know if we can still keep our nav bar + footer and have the changelog act as a child component?

Are you sure the SEO juice lands on the intended domain? Also I had to do this, because I use a different backend on a different server. When doing normal requests I was losing 200ms on every single request to CORS / Preflight security stuff.

@WebDevCody

Ай бұрын

I'm starting to reconsider this approach. It may be more secure to just provide users a template for the changelog and just hit a rest API for the changelog data. In order to get this rewrite setup, I had to setup a lot of cors rules on projectplannerai.com which feels a bit sketch. The rewrite is convenient, but if we expand outside of next.js for vite or remix, it's not going to work well.

That just looks like a huge XSS risk.

@soumyamondal

Ай бұрын

Please explain more

@Rust_Rust_Rust

Ай бұрын

Huge XSS risk ​@@soumyamondal

@thejonte

Ай бұрын

@@soumyamondal Since we'd be proxying just any HTML sent by projectplanner, we're trusting them with script evaluation. Projectplanner could run JavaScript in the context of your site, reading your cookies and localStorage.

mhmm, interesting. I hope this is in Nuxt as well.

Would a changelog really impact SEO? Isn't a changelog something that's hidden behind an online identity (IE User account)? How would a crawler index that page when it's only cached for that one user? (Hopefully)

@WebDevCody

Ай бұрын

usually a changelog is public for anyone to view (including crawlers)

@oSpam

Ай бұрын

I think they’re confused with what we mean by a changelog. In this case the changelog is of feature additions, bug fixes of the SOFTWARE. Something like an audit log tracks the individual user activities WITHIN the software. But the changelog showcased in the video is a log of changes made to the whole application, not individual users. So it’s meant to be public

Are you currently hosting your apps with SST, or Vercel or other?

@WebDevCody

Ай бұрын

Railway for now

@williamx0

Ай бұрын

​@@WebDevCody Thanks for replying. Any reason you moved away from SST? They moved to Cloudflare to setup all the infra now and called it SST Ion. I liked the concept of SST so that I can take advantage of message queues and cron jobs easier. Without SST I'd probably be using Upstash but AWS for queues and events is cheaper. Curious why railway (esp since it doesn't scale to $0) and also any issues you had with SST?

Sure a handy one 😮

How can I hook finances to my project that is already live? Is there an api documentation for that?

@WebDevCody

26 күн бұрын

There’s an integrations tab you can click to hook into stripe

@Joseph-Codes

26 күн бұрын

@@WebDevCody my project is a payment solution on its own and I don’t use stripe. I’m more interested in the management of finance and tasks part of project plannerai

The next level down i suppose, and more complex, i guess is what theo has been talking about. Services hosting server component endpoints and hooking in that way

cool feature indeed

I used it to proxy /api to my Go api

@shakapaker

Ай бұрын

Same

@coffeeintocode

Ай бұрын

Yesssssss 🎉

can you change changelog page title to changelog other than the name of the site. This change would be very helpfull

@WebDevCody

Ай бұрын

yeah I'll work on adding the ability to customize the page a bit soon

Basically, it is called reverse proxy. But what about security, authentication, and API reverse engineering?

@WebDevCody

Ай бұрын

I’ve decided to no longer use this approach. I’m concerned about secuirty so I instead just provide an api for the change logs and a component for the jsx

Rewrites is great until that url contains hardcoded URL redirects, like mine.org/lala instead of just /lala.

😅 hacker looking forward

@WebDevCody

Ай бұрын

And what exploit are you referring to?