Node.js HTTP Transfer Protocols

Deployment Strategies

• Fargate with ACM ext: link ext: CI/CD

Request an ACM, add the host (excluding the url to namecheap as a cname record ext: link)

• EC2 with Nginx - you can have multiple sites on the same instance
• Static site on S3 ( ext: link)

  • Have part of the site on s3

    import { createProxyMiddleware } from 'http-proxy-middleware';
    import { Handler } from '@sveltejs/kit';
    
    const proxy = createProxyMiddleware({
      target: 'http://your-s3-bucket-website-endpoint.s3-website-us-east-1.amazonaws.com',
      changeOrigin: true,
      pathRewrite: {
        '^/route': '/', // Remove the /route prefix when forwarding the request
      },
    });
    
    export const GET = ({ request }) => {
      return new Promise((resolve) => {
        proxy(request, {
          end: (response) => {
            resolve(new Response(response.body, {
              status: response.statusCode,
              headers: response.headers,
            }));
          },
        });
      });
    };

Security

CSRF

Without CSRF protection, other sites can make submissions to your POST routes

• Ex. they can make a website that looks like yours with a reset password form.