Comments (4)
the backend url is directly configured in the environment.ts file of the Angular CLI project: https://github.com/gothinkster/angular-realworld-example-app/blob/master/src/environments/environment.ts
You can also inspect the network calls from your browser's devtools to see where they go.
Generally speaking it really depends on your deployment architecture. I generally see two approaches:
- the one taken here, where the frontend app is deployed completely independantly deployed and calls an API backend which then will need to implement also all the CORS mechanism (because different domain). This is usually the case when you have an independent API used by multiple different apps/mobile.
- deploy it on the same domain as the backend. Then the app usually calls to the backend like
/api/...
. Locally you use a development proxy (see here) to point to your local or remote dev environment. When you deploy, you usually have an architecture, where there’s an Apache or NGINX webserver in front, which delivers your frontend and backend calls, like (/api...
) are routed ahead to the backend API.
From a security perspective there’s not much difference. Both of them need to apply all the known security measures. It really just depends how you want to deploy your system.
from angular-realworld-example-app.
Yes, I would say it's the only way. That's how SPA works.
from angular-realworld-example-app.
Is not it hampering the security of the web site?
I have seen some companies are using node layer(server.js) to route back-end.
Which way I will follow for a production ready application?
from angular-realworld-example-app.
Thank you all for your very useful reply.
Special thanks to @juristr for clear and detail explanations.
I am little bit confused. May be it is same as my previous question.
But i am describing how I face an issue for this implementation.
In our organisation apis are deployed as separate application behind mashery.
And front end application deployed in different server(docker) .
I am new to front end and i have implemented like how front end calling back end api here(calling direct back end api from browser).
Our Application security team told me "you should not implement like this any body can see the api url".
Although all api end points are mashery protected.
We add a node layer (server.js) on top of it .
I do not know node.js so i do not like this implementation.
I am planning to develop one private project myself. So need some suggestion .
Is any real web site implement direct call to api from browser?
Thanks in advance
from angular-realworld-example-app.
Related Issues (20)
- App Structure Problem: redundant module import
- Is this repo still maintained? HOT 5
- Why HttpClientModule has been imported in shared module?
- API is unstable and often returns 502 HOT 1
- Router is being injected but never used.
- 502 Error from backend HOT 1
- No articles are here... yet. CSS broken, shows up in bad location HOT 1
- Application not loading HOT 8
- Remove NSFW content HOT 1
- Clean Up bad (offensive) tags HOT 1
- Browser refresh at any part of the website, with exception of the main page, causes GitHub 404. HOT 8
- Tags list is empty even if tags assigned to the articles
- From Protractor to Cypress
- LISENCE.txt file does not exist.
- Not able to log in!
- Global Feed Article HOT 1
- Application is down HOT 1
- Routing not work in profile HOT 1
- this[kHandle] = new _Hash(algorithm, xofLen); error HOT 2
- duplicate navbar once the user is logged in HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from angular-realworld-example-app.