Does anyone know of any limitations (speed wise) of the App Proxies? I have a simple ajax call that is just returning a 2 line JSON text from my server. This is taking almost 600ms.
When I test my server direct, the response is around 30ms.
I am wondering if this is possibly one or a mix of the following:
Any advice much appreciated!
I have found the answer to this...I should have just tested the proxy directly...
The app proxy is slow:
Just to reiterate, this is just responding with a cached JSON string. There is no other work happening on the server.
How do the app providers do this when we are able to make calls directly to their servers? i.e. for reviews.io we can call
Direct from the browser, and there are no CORS issues. If I try to call my own server, it fails due to CORS, so using the proxy is the only option as far as I can see.
Final thing I have found, just to help anyone else who comes up against this. If you own the responding server (i.e. are in control of the app code), you can respond with the header:
'access-control-allow-origin' => "*"
This is not recommended unless the API is intended to be public, but I think in these cases this would be fine. More info here:
Same here. I think it fully depends on where Shopify's server is located that's making the connection in relation to where you are hosting the application. It's also possible that if you return "application/liquid" as mime-type it's slower, because Shopify needs to do some additional processing internally before it sends the request back to the browser.
If your app logic can work with directly talking to your application without going through the App Proxy (eg: shop.myshopify.com/apps/yourapp/) then that's your best bet at a speedy result. I'm also working on this.
A few things come to mind to achieve this, depending on the underlying web dev framework you use:
Hope this helps anyone!
I'm also doing the same in our app using a proxy, which add almost 1.4 seconds to our usally 30ms response.
I somehow need to validate the request (auth), since it's not a public request.
Any suggestion on how to do that?
I was thinking something like giving each of our customer's an individuel JS script (but since that request isnt AUTH either anyone can download that).
So not sure if there is a way except using the proxy..