Questions tagged [web-applications]
Web applications are applications that are accessed over the "web", which can mean the Internet, or an internal network (an intranet).
1,090 questions
1
vote
2
answers
253
views
What is a good strategy to avoid creating duplicate profiles for many individuals in a database?
I'm designing an application that is going to receive tens to hundreds of thousands of requests. Users submit requests on behalf of Customers (which are singular persons). Each request will contain ...
- 19
6
votes
2
answers
1k
views
How dangerous is storing sensitive information in LocalStorage?
Since I started studying security in web applications, it seems that everyone always says to never store sensitive information (e.g., refresh tokens, access tokens, and so on) due to the risk of ...
- 165
0
votes
1
answer
132
views
Best Practice for Managing Payment Subscription Tier Status
I'm trying to understand the best way to approach how to manage and update a user’s payment subscription status in a web application. Let’s say you have a subscriptions table in a database that is ...
2
votes
3
answers
2k
views
How to design for API use cases that need different data from the same table?
I am building a web application. This application is meant to be a home for player rankings and tournament results for a competitive community. I have planned to do this in three layers: a database to ...
- 39
1
vote
0
answers
500
views
How to manage user session in WebSocket
I'm developing a WebSocket server in Go where I read messages from clients and forward them to a tunnel. I want to integrate session management:
Check if a user's session is still valid.
Handle ...
- 73
4
votes
2
answers
519
views
Advice for pooling DB connections with serverless
I have a great, working web application which uses SvelteKit, DrizzleORM, a PostgreSQL database running on Amazon RDS. It is hosted on Netlify, which means that the “backend” consists of one big ...
- 159
1
vote
1
answer
143
views
Fixed vs dynamic properties for a system with customization and changing requirements
Edit: writing a more specific question, as per comment, I guess my question boils down to: are dynamic properties designs appropriate for applications with rich UI and complex business logic (as ...
- 113
0
votes
2
answers
205
views
Are using website builder's, like Squarespace, OK to use when building a web-app that needs unique external components?
I'm a non-technical person starting a web-based project and would like some feedback as to whether or not building a website using a web-builder service like Squarespace will result in re-work once I ...
-4
votes
1
answer
297
views
How to stop showing SQL queries of a web application in Browser's Inspect elements?
I have a web application written in express.js and php 8.2. Currently, anyone can right lick in chrome or edge chromium browser and go to inspect element>>network tab and click on data ...
-2
votes
3
answers
225
views
Server-side ad insertion and video downloaders
Video streaming sites like YouTube are experimenting with server-side ad insertion
Server-side ad insertion differs from normal YouTube ad insertion techniques primarily in how ads are delivered to ...
1
vote
1
answer
994
views
Deciding between logic on the front-end or back-end
Before I begin, I want to say I am very new to this and I am a junior but also solo developer with no seniors to ask for guidance. Please feel free to explain to me that I am not approaching it ...
- 13
2
votes
1
answer
310
views
What is an optimal system design for tracking product views per user that is scalable?
I have a web application that contains products and users. There are 10,000+ products and 100,000+ users to give a sense of the scale that's required.
For some application specific reasons, I need to ...
- 29
0
votes
1
answer
68
views
Best way to approach connection between game server to client connection with Django web server as middleman
I have a web game design question. I am trying to build a multiplayer web game with non-intensive graphics (ex tic-tac-toe, chess). I am trying to figure out how to take already authenticated users in ...
2
votes
1
answer
128
views
Concrete implementation of MVP with "dumb" view
I recently started designing my first MVP-app. I like the idea of having a "dumb" view to be able to cover as much of the code with unit tests.
The app I build will be an app to create ...
- 39
0
votes
0
answers
83
views
Distributed caching system that scales and enables real-time UI updates?
I have a NextJS app for which I want to cache data from our backend APIs to reduce the load when we have high volumes of concurrent users scrolling through (or search) years-worth of historical data.
...
- 9
0
votes
1
answer
465
views
Is it a good idea to serve a Single Page Application as a static site?
I've built a small single-page web application in React and seen that it's possible to serve the app as a static site on something like S3.
Previously, I considered using Nginx, but as this is lower ...
- 159
-1
votes
1
answer
74
views
Processing messages sequentially in SQS FIFO
I need to process status changes related to an entity in a sequential order. Not in parallel.
Will an SQS FIFO Group with MessageGroupId = UserId be enough?
Let's say I have the folowing messages:
...
- 31
1
vote
1
answer
205
views
Architectural decision regarding at-most-once semantics cron jobs in distributed systems
please note that while I refer to a specific web application framework in the following, the problem also arises with most other web application frameworks I know so please don't be afraid to reply ...
- 119
1
vote
1
answer
930
views
Is 10 KB a large amount of data to pass around each time a user makes an API call?
Each time a user of my APP / website interacts with the APP such that it makes an API call to the backend, the backend will make an API call to the mongoDB database to retrieve the document that holds ...
0
votes
2
answers
2k
views
Do we need APIs to just access databases?
At work, we have a Web application, which makes queries to databases, and I’m asked to determine if using Web APIs could be an added value.
Personally, I’m not convinced it is.
I know Web APIs are ...
- 109
1
vote
1
answer
228
views
Safe Plugin Architecture for Python Web API
I am making a web application for parameterized procedural world generation. Given the computational resources involved, this application involves a server backend for generating the world with an API ...
- 113
3
votes
1
answer
295
views
Is it good practice to always use "use strict" in modern web apps? [closed]
I'm learning JavaScript and just came across "use strict". It sounds like to me it should always be in play but me being a beginner I was wondering if there are scenarios/environments when ...
- 41
4
votes
1
answer
957
views
In a web application, should "private" user images be protected with authentication/authorization?
When creating a web application that will allow users to upload images and mark them as private, should those images be protected by authentication and authorization mechanisms against access by other ...
- 185
-4
votes
1
answer
456
views
Web applications, cookies and GDPR
... or technology stack for compliant web applications.
GDPR among other includes cookies usage defining four cookie types: strictly necessary cookies , preferences cookies, statistics cookies, ...
user432211
1
vote
2
answers
327
views
Best way to protect action links from CSRF
An application has a multifactor login.
The user logs in with its e-mail and password, and then the following screen asks for a one time password received via e-mail or generated by a mobile app.
In ...
- 331
0
votes
2
answers
345
views
Is this service considered "an API"? Could it benefit from being Restful?
I'm confused about the meaning of API, specially in the context of REST. I'm thinking of one example.
My company creates an application that runs on a server (the "backend"). (JavaScript in ...
- 143
0
votes
2
answers
139
views
Resolvers and Adapters
In the web development application context, when someone says resolver, they talk about getting the data and modify it and then return it?
What about adapters? are adapters essentially resolver ...
- 109
1
vote
1
answer
225
views
How do I avoid reading from S3 every time the user updates a filter on the webpage?
I am building a web application where a user logs in, and uploads a CSV file with employee data to S3.
This is an example of the format of the file.
id
name
country
age
3243
John Doe
USA
48
Using this ...
-2
votes
1
answer
650
views
Storing a large number of user permissions [closed]
I am refactoring an old application which has about 200 user permissions.
Based on access permissions for the user, menu items for webpages will be Enabled or not.
Permissions are also checked on the ...
- 97
0
votes
0
answers
57
views
GRPC request from web client to backend
Suppose there is a third-party application which offers GRPC services with authentication. You want to use these services in your web application. So you will basically use that service behind the ...
- 113
0
votes
1
answer
187
views
How can a web application distinguish between sessions from trusted and non-trusted devices?
For compliance reasons, we want admins of a web app to work on it from devices (phones or computers) approved by IT. Or rather, they can work from other devices, but should get logged out quickly, so ...
- 1,477
1
vote
1
answer
117
views
How should I approach the development of an app with an parallel independent library?
I'm currently working on an ERP Blazor WebAssembly app that works alongside its base Razor Class libraries. The app could have some custom pages that aren't the same for all the customers and are ...
- 21
-1
votes
1
answer
138
views
Options for sharing frontend workflows across disparate applications
I am working on a form building feature that will be used across different applications within our organization. Since each app has a slightly different stack we are planning to implement this feature ...
1
vote
4
answers
492
views
Is it best practice to only use still-supported languages when developing apps?
I am looking to create a multi-page web app. I had begun the construction of this web app in angularJS when I realized this was no longer being supported. I am early enough in development that it isn'...
- 173
1
vote
2
answers
205
views
Microservice Granularity: Should a service ever be broken into smaller services with a shared database?
I'm trying to understand the size of a micro service.
Fake situation: Data is read 1,000,000 times for every write. So when you scale out you generally only care about scaling out for the 'GET' ...
- 341
0
votes
1
answer
99
views
Am I making this web app right?
I am currently making a newsletter website that will send you a email with the top ten manga for that week. Currently I have a web scraper that retrieves the top ten along with descriptions and other ...
1
vote
0
answers
484
views
Do we really need a message brocker in WebSocket system?
I'm engineering architecture of a new web based software.
I've never worked on high-scale softwares before and I'm reading a lot about it.
To increase client-side speed and reduce load on servers, and ...
- 19
0
votes
1
answer
105
views
Data backup/slave node with replicated data, to be writeable while master is offline
I'm developing and designing a system which runs mostly on intranet of client companies. The system consists of one main database which is MariDB, for now one web-application as system management and ...
- 11
0
votes
0
answers
329
views
How to store multiple-users authorization tokens from a single service if I can't use a persistent storage?
I'm new to "web development" so I don't know much about ways to store data.
I'm trying to build a web app using Python-Django which accesses private data from multiple accounts. The data ...
2
votes
2
answers
336
views
How would I use TDD / BDD when my webapp interacts with an external REST API?
I'm following roughly the TDD style as explained in the "Obey the Testing Goat" book: You have a functional test for your (Django, in my case) web app that tests the observable behaviour via ...
- 556
-3
votes
1
answer
83
views
Best Practices for Designing Around Presence/Absence of Home Button on Tablets?
Older iPads used to have a home button:
Newer iPads don't have it. They have a line on the screen you're supposed to swipe up to get to the home screen:
Now if an app has a row of links or buttons ...
- 97
2
votes
4
answers
584
views
When Is it worth writing your own CRUD generator for project?
I need to make an app for employees & employers.
When is it worth writing your own CRUD generator for a project with the aim of process automation?
With such a generator I wouldn’t need to create ...
- 129
1
vote
1
answer
454
views
How to present my Actors and Objects inside Sequence diagram for an Online Management Exam system
I am working on an online exam management system, which have those main actors:-
Super Admin. Can manage questions/answers under all functional areas.
Functional Admin. Can add questions/answers ...
- 247
0
votes
1
answer
229
views
Should an access token really be cryptographically signed?
In a web app I'm writing, a singed-in user is recognized by their cookie containing a session identifier. That session id has sixty-four bits of entropy, so I believe brute-force attacks are ...
- 113
2
votes
3
answers
720
views
How do you reduce security risks when using NPM packages in commercial Web development?
This is a question for software engineers who are tasked with managing the development cycle for a Web application using NPM packages for deployment on a customer's Intranet or the Internet.
This is ...
- 95
6
votes
2
answers
591
views
Is "this" in JavaScript out of fashion?
I'm not a frontend dev, but I recall that a few years ago, the this keyword was commonplace in frontend codebases.
In recent years, I haven't seen this get used anymore. In the last few frontend ...
- 178
-1
votes
1
answer
72
views
Navigating a many-to-many relationship and determining price from a bulk API Call
I think it will help to give a little context, not only about the DB architecture but the actual product. I am building a business where we will be selling pallets of liquidated merchandise. Think a ...
- 119
0
votes
2
answers
144
views
Requiring HTTPS for an application "end to end", but not via a proxy server
We have a on-premise web application with frontend (Node/Express) and backend (Python/Flask), which, like every other web application I've ever worked on, provided HTTPS by using a proxy web server (...
- 119
0
votes
1
answer
166
views
Architecture for SaaS that can run in my company's cloud or in clients' networks [closed]
I am working on a portable SaaS web application that has these requirements:
The application can run as a cloud service hosted by my organization.
Clients can run the application in their own on-...
- 23
-1
votes
1
answer
88
views
What is the name of component handling the HTTP requests from client in more complex infrastractures that just "client-server"? [closed]
Although the splitting of web application/ web sites to front-end (client) and back-end (server) is popular, this binary division is frequently pretty far from actual complexity of architecture:
The ...
