May sound like a strange question, but bear with me here.
I need to build a small web project. For the sake of making it free, I was going to host the front end portion on S3 as a static site, and have it invoke server side functions by making AJAX calls to a REST API hosted in a lambda function. I've done this before in a webapp for myself, but I remember it causing complications when cross origin requests were made and I ended up resorting to using JSONP. Is there any problem with this setup? I've heard JSONP can be a security concern, and this new site is intended for public use.
My alternative setup would be to build a server on lightsail that hosts the site and backend. Obviously this is probably the more correct way to do things, but is slightly more money.
Which of these methods is likely the better option?
Additional question: Is it possible to setup CORS so I don't have to use JSONP for cross origin requests? I'm a bit unfamiliar with CORS.
Which of these methods is likely the better option?
I'm going to pretend you didn't ask that, since there isn't a "correct" answer -- it's subjective, and there are many factors, some of which are opinion-based.
But both solutions are viable.
API Gateway, which is what you'd use as a front-end to expose your Lambda functions to the Internet, has CORS support, so this should not need to be a concern for you.
Another option is using S3 and Lambda (with API Gateway) but configure both resources as origins behind a CloudFront distribution. Point the default cache behavior at the bucket, then use a path pattern like /api/*
to route the API requests to API Gateway. This proxies all requests to the appropriate origin, but your site's hostname in DNS is pointed to CloudFront, where all the resources are accessed, which means none of the requests will be cross-origin -- everything is accessed at a single hostname. The CDN/caching features of CloudFront are a bonus for optimal performance when fetching the the static content and can be disabled for the API.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With