What could possibly go wrong. Little Bobby Tables would be proud.
Stop over-engineering shit, just do everything client-side like McDonald’s: https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities
Does ReST mean anything anymore? It was originally a set of principles guiding the development of the HTTP 1.1 spec. Then it meant mapping CRUD to HTTP verbs so application-agnostic load balancers could work right. And now I guess it’s just HTTP+JSON?
The meaning of words can change, yes.
https://www.merriam-webster.com/wordplay/words-that-used-to-mean-something-different
I understand it for normal words. But for an acronym? About a body of technical research? How are we supposed to refer to the thing that Fielding meant when he coined the term?
Lots of technical terms are used quite loosely I think. If you ask 10 people what a compiler is, or what functional programming is or what goes where on the OSI layers you’ll get different answers.
It’s not practical but that’s the world we live in.
Hilariously enough, just today I read a blog post about a service where the client interacts with the database directly - https://clickhouse.com/blog/building-a-paste-service-with-clickhouse. While it’s not your traditional OLTP database, it still kinda fits.
I got dumped with fixing some bugs in a project written by a contractor who had literally done this but with extra steps.
Backend was SQL Server and C#/ASP.
There was an API endpoint that took JSON and used XSLT to transform it to XML. Then it called the stored procedure specified in the request, passing the XML as a parameter.
The stored procedure then queried the XML for parameters, executed the query, and returned results as XML.
Another XSLT transformed that to JSON and returned it to the client.
It was impressive how little C# there was.
Despite holding all the business logic, the SQL was not in source control.
Seems very secure. As in job security. Because why the fuck did they make it so complicated.
Yeah, maybe the contractor thought he’d get more work fixing it, but he was long gone by the time I got it, so I never met him.
One of the bugs I got was performance, because the search didn’t work: with about 600,000 assets in the database it would time out searching for one by exact match on ID. It took 45 minutes to return 1 result.
Can I use a different database name?
Hehehehe
You absolutely won’t be disappointed by exposing your database to SQL directly from the API.
This would eventually become graphql.
I would honestly prefer it if more websites just did that and gave you access to whatever they have about you in their database. Would be much easier to figure out which data they actually store about me. If you set up the access lists appropriately it could be OK from the security perspective too (of course better to do it over something other than SQL, but who am I to judge).
I did this just to reduce network latency. It’s not for public use, and tbh, I don’t think you can even get at it from outside the VPN.










