-
Notifications
You must be signed in to change notification settings - Fork 26.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Separate client and server import? #2582
Comments
#1117 suggests alternative ways of achieving that, might help. There's also https://arunoda.me/blog/ssr-and-server-only-modules |
The problem is that Some examples: import React from 'react'
import ServerApi from 'api/server'
const Blog = ({ id }) => (
<div>{id}</div>
)
Blog.getInitialProps = () => {
return { id: !process.browser ? ServerApi.getRandomId() : 42 }
}
export default Blog
export default class ServerApi {
static getRandomId() {
return Math.random() * 1000
}
} After pseudo-transpliation: (still ES2015) import React from 'react'
const Blog = ({ id }) => (
<div>{id}</div>
)
Blog.getInitialProps = () => {
return { id: 42 }
}
export default Blog
import React from 'react'
import ServerApi from 'api/server'
const Blog = ({ id }) => (
<div>{id}</div>
)
Blog.getInitialProps = () => {
return { id: ServerApi.getRandomId() }
}
export default Blog Then I could have my production server to dehydrate getInitialProps with server API invoked directly while keeping my business logic away from malicious people. #1117 did no help, and neither the SSR and Server Only Modules did too. |
I see in #1117 (comment), it seems like the philosophy of next.js is focusing on state consistency, not flexibility and isolation. Hmm, maybe isomorphic-fetch is the only way to go. |
Also another point is that, yes, I couldn't preserve my API state because each page is stateless in server render. I admit what I'm trying to approach is a complete failure. Maybe I will have to consider using global objects and only the name of my internal API will be leaked, but it's an enough workaround as the implementation in server is fully-opaque to the client-side Edit: Edit 2: webpack (config, { dev }) {
if (!dev) {
const defs = config.plugins.filter(p => p.constructor.name === 'DefinePlugin')[0].definitions
defs['process.browser'] = true
}
} With this hack, all |
Developing a sophisticated website product with Next.js, Express and a database, I'm using REST and isomorphic fetch for my API abstraction, which is unfortunately also the bottleneck.
I can import the underlying API classes directly from my pages, but I don't want to risk my API being leaked indirectly by exploiting modules. What should I do now?
The text was updated successfully, but these errors were encountered: