Provide a setting to use a different REST url during SSR execution #3358
Conversation
tdonohue
added
high priority
performance / caching
tdonohue
changed the title
| map(() => true), | ||
| ), | ||
| ); | ||
| // The app state can be transferred only when SSR and CSR are using the same base url for the REST API |
There was a problem hiding this comment.
A separate REST URL could be a performance benefit during SSR, but if we discard all cached requests we'll always do double work and CSR performance will suffer.
Could we consider just running a search/replace on the transfer state to replace the SSR URL with the CSR URL?
- This shouldn't be too heavy of an operation so I think the net impact on performance could still be positive
- I did a very quick check and replacing all URLs right after the full HTML has been generated takes at most 0.25% of the total time needed for SSR
- Only tested for
/home, not authenticated - SSR took ~400ms, HTML search replace took between 0 and 1ms
- Only tested for
Otherwise we should at least exclude the transfer state entirely; right now it's sent but never read.
There was a problem hiding this comment.
I understand your suggestion, but I believe implementing a search/replace operation for URLs might not be a good idea due to performance concerns. Even though the initial tests show a minimal impact, this might not be the case for all routes or under different conditions and it could become a bottleneck.
Moreover adding an extra step in the Server-side rendering process can increase the overall latency, negatively affecting the user experience, particularly for pages with larger amount of request.
Honestly I don't see a real issue to fetch again the request during the CSR.
I'll try to exclude the transfer state entirely
There was a problem hiding this comment.
Honestly I don't see a real issue to fetch again the request during the CSR
My main concern is that it has a significant impact on perceived performance, especially on slower connections.
This counteracts our push towards decreasing the amount of REST requests we send ~ #3110 (comment).
I've made a quick branch where you can toggle both things: ybnd/dspace-angular → task/main/DURACOM-288
ui.transferState→ whether NGRX state is transferred from SSR to CSRreplaceRestUrl→ whether the SSR URL is replaced after SSR is done
As far as I can tell, a simple RegEx to replace SSR URLs scales a lot better than DSpace itself
- A
/searchpage with 1000 results (!) takes ~50000ms to build with SSR on my machine - Replacing all URLs (~16000) takes ~20ms
On the other hand, for a /search page with 100 results, Lighthouse reports about double the blocking time if we don't transfer state on CSR.
With URL replacing & state transfer
Without state transfer
| @@ -100,6 +101,14 @@ export class ServerInitService extends InitService { | |||
| } | |||
|
|
|||
| private saveAppConfigForCSR(): void { | |||
| this.transferState.set<AppConfig>(APP_CONFIG_STATE, environment as AppConfig); | |||
| if (isNotEmpty(environment.rest.ssrBaseUrl) && environment.rest.baseUrl !== environment.rest.ssrBaseUrl) { | |||
| // Avoid to transfer ssrBaseUrl in order to prevent security issues | |||
There was a problem hiding this comment.
I agree about the potential security concern, good idea.
The state transfer JSON will still list the SSR URL. It's a bit more "hidden" but not secure either.
|
Hi @atarix83, |
# Conflicts: # src/app/thumbnail/thumbnail.component.spec.ts
| @@ -6,4 +6,6 @@ export class ServerConfig implements Config { | |||
| public port: number; | |||
| public nameSpace: string; | |||
| public baseUrl?: string; | |||
| public ssrBaseUrl?: string; | |||
| public hasSsrBaseUrl?: boolean; | |||
There was a problem hiding this comment.
Could we add a comment here to describe how/where this boolean value is set? This doesn't appear to be something we want people to specify in their config.yml, so it would be good to document that this is set automatically based on the value of ssrBaseUrl in your config.
There was a problem hiding this comment.
Again, I'd recommend we add a comment above this setting to clarify that this should NEVER be copied to config.*.yml. Something like:
This boolean will be automatically set on server startup based on whether "baseUrl" and "ssrBaseUrl" have different values.
…ting enter in another input form (onsubmit)
…esetting-on-enter_contribute-7.6' # Conflicts: # src/app/shared/form/builder/ds-dynamic-form-ui/models/scrollable-dropdown/dynamic-scrollable-dropdown.component.html
…ting the enter key in another input field
|
I've improved my implementation trying to address your feedback. Here the main changes:
|
There was a problem hiding this comment.
@atarix83 : I was able to test this locally today by using temporary public URLs for the frontend & backend. I ran the frontend & backend on different domains, and ran the frontend in production mode (npm run build:prod; npm run serve:ssr).
Overall, the basics of this PR (and the backend PR) work well. However, I've found a few bugs in my testing:
- Authentication doesn't work. This might be a side effect of an error I'm seeing on
main, but here's what I'm trying.- If I use these PRs with the
dspace.server.ssr.urlandrest.ssrBaseUrlsettings disabled, then authentication works fine. However, whenever I authenticate, in the SSR logs I see an "doesn't contain the link profiles" error. This seems harmless, but it appears on every login - If I then enable the
dspace.server.ssr.urlandrest.ssrBaseUrlsettings and point them at http://localhost:8080/, authentication no longer works. After attempting to authenticate, the page hangs and I just see the loading image (on a blank white page). No obvious errors are seen in the logs.
- If I use these PRs with the
- Whenever SSR is triggered, I see a 404 request to an
/undefinedpath. This appears in my browser's DevTools "Network" tab.- Enable the
dspace.server.ssr.urlandrest.ssrBaseUrlsettings and point them at http://localhost:8080/ - Go to any Item page.
- Click reload in your browser (to trigger SSR). The
404 /undefinedpath error will appear in your DevTools
- Enable the
- Thumbnail images appear to be accessed initially via the private URL.
- Enable the
dspace.server.ssr.urlandrest.ssrBaseUrlsettings and point them at http://localhost:8080/ - Go to an Item page, for an Item that has a thumbnail.
- Click reload in your browser (to trigger SSR)
- Look closely at the
/contentrequest in your browser's DevTools. It will initially be against the private URL ("http://localhost:8080/"). However, once the page redraws, it will send again to the correct public URL. - If I add the
replaceRestUrl: truesetting to myconfig.prod.ymland try again, then this behavior will no longer occur. It only occurs ifreplaceRestUrl: falseis set.
- Enable the
Overall, this appears to be working. When this feature is enabled, I do visually notice the flash/redraw of the page when transitioning from SSR to CSR. It's much more severe than when this feature is disabled. However, if there's no way to minimize that flash, then we may just need to warn people that the page flash is more severe when this separate REST URL feature is enabled.
I also have a few minor comments inline below on the code. Mostly it's looking good though.
| @@ -19,11 +19,32 @@ ui: | |||
|
|
|||
| # Angular Server Side Rendering (SSR) settings | |||
| ssr: | |||
| # A boolean flag indicating whether the SSR configuration is enabled | |||
| # Defaults to true. | |||
| enabled: boolean; | |||
There was a problem hiding this comment.
Please remove this. While it is possible to disable SSR in this manner, I don't think we should encourage anyone to disable SSR entirely -- it will have a detrimental effect on SEO.
So, this enabled setting was purposefully excluded from config.example.yml to discourage anyone from disabling SSR entirely.
|
|
||
| # Enable request performance profiling data collection and printing the results in the server console. | ||
| # Defaults to false. | ||
| enablePerformanceProfiler: boolean; |
There was a problem hiding this comment.
Please change boolean to false and remove the semicolon. This config.example.yml file is supposed to have default settings listed and be "valid" if they want to copy the config.example.yml into config.prod.yml and edit the defaults. So, this should say:
enablePerformanceProfiler: false
Also is there any risk in enabling this in production? This sounds like a debugging tool, so we may want to mention that we don't recommend enabling in production
| # Note: When using an external application cache layer, it's recommended not to transfer the state to avoid caching it. | ||
| # Disabling it ensures that dynamic state information is not inadvertently cached, which can improve security and | ||
| # ensure that users always use the most up-to-date state. | ||
| transferState: boolean; |
There was a problem hiding this comment.
Same as above, this should have the default value listed:
transferState: true
| # REST resources with the internal URL configured, so it is not transferred to the client application, by default. | ||
| # Enabling this setting transfers the state to the client application and replaces internal URLs with the public | ||
| # URLs used by the client application. | ||
| replaceRestUrl: boolean; |
There was a problem hiding this comment.
Same as above, this should have the default value listed:
replaceRestUrl: false
Why is this false by default? We may want to add an explanation to describe why someone may want this to be true or false. Are there any side effects to enabling it, or scenarios where you should definitely have it enabled or disabled? Currently, it's unclear to me why it is false and when users would want to set this to true.
Based on the discussion with @ybnd above , it sounds like setting this to true should decrease the number of REST API requests when a page goes through SSR? (As it shouldn't need to make duplicate requests in CSR)
(I like how for transferState above you described a scenario where you might want to set it to false instead of true. So, it'd be nice to do that here as well.)
| @@ -6,4 +6,6 @@ export class ServerConfig implements Config { | |||
| public port: number; | |||
| public nameSpace: string; | |||
| public baseUrl?: string; | |||
| public ssrBaseUrl?: string; | |||
| public hasSsrBaseUrl?: boolean; | |||
There was a problem hiding this comment.
Again, I'd recommend we add a comment above this setting to clarify that this should NEVER be copied to config.*.yml. Something like:
This boolean will be automatically set on server startup based on whether "baseUrl" and "ssrBaseUrl" have different values.
|
Hi @atarix83, |
References
Add references/links to any related issues or PRs. These may include:
Description
This pull request provide the possibility to use a different DSpace REST url during the SSR
Instructions for Reviewers
List of changes in this PR:
ssrBaseUrlwhere to specify a different DSpace REST url to use during SSRssrBaseUrlproperty. If this URL was not publicly accessible, it would result in an error. By rendering the thumbnail only in the browser, we avoid this problem.ServerHardRedirectService. In case the url to redirect contains thessrBaseUrlit's reinstated with the public base url. This is necessary otherwise download bitstream page doesn't work.Include guidance for how to test or review your PR.
Unfortunately it is difficult to test this PR. The best would be to deploy it in a production like environment and configure the internal base url property.
This might be done on both Angular and REST side, like in the example below where public base url is
https://dspace-rest.org/serverand internal base url ishttp://localhost:8080/server.ssrBaseUrlproperty, e.g :dspace.server.ssr.urlproperty, e.g. :In order to test it locally you could add an alias hostname for localhost ip to be used as public url
Checklist
mainbranch of code (unless it is a backport or is fixing an issue specific to an older branch).npm run lintnpm run check-circ-deps)package.json), I've made sure their licenses align with the DSpace BSD License based on the Licensing of Contributions documentation.