Why I should stick to the DevSecOps model

Olfa
Jan 22, 2024

Exploring web error rates statistics just after publishing a personal website, #web, #angular, #google_site

As a one-human company, I have a business use case: publishing my own personal website.

But the challenge here is how to publish this site very quickly without impacting my productivity.

Step 1:

I added a website in Google Sites: very simple, easy to use and awesome!

Everybody knows that Google facilitates collaboration and website creation.

Google definitely has the best working and collaborative tools, designed for both small and even big companies to work with.

Very simple to add a page, very clean, easy to use and to publish.

1.1 Select here sites

1.2 Select here sites

I chose one of the simple templates, added my personal content and career experience, and then clicked Publish. This publishes a version of the website, but one visible only to authenticated Google users in the domain.

So now came the question of how to publish this website and make it publicly visible without compromising the security of my data.

Bingo!

Then came the idea of making a copy in Google Drive and then publishing it with public permissions.

Step 2: The website is published, but I still don’t have a domain

Step 3: I bought a domain on GoDaddy

Step 4: How can I make the same website work on another platform?

I chose AWS technology, as this is the best solution effort-wise for me :)

But I still don’t have the website source code.

I went back to my old web developer knowledge and used some packages to copy the website (be careful, these are hacking tools, but no worry here: it is for my personal usage, so allowed :) )
https://www.httrack.com/page/2/fr/index.html

Bingo2!

The website is now copied locally, so I can use it as a web developer.

Step 5: I used S3 (for static web hosting) and the AWS R53 service

(AWS R53 acts as the domain name resolver but also routes to other parts, CloudFront or an LB; it is not the subject of this article to dive deeply into these services.)

I will discuss in depth how to optimize your web development and secure it, which can be useful for junior DevSecOps, in the next article…

Step 6: Select the developer tools

Website published : http://perso-site.s3-website-eu-west-1.amazonaws.com/

BUT …

Everything was working well for 10 min 

Then…

Page errors: 25 CORS errors
Breaking changes: 3
Improvements: 2

And then started a long and big journey to fix all this stuff. However, I understood that I had fallen into a 405 error.

Mainly, a CORS issue appeared.

Fatal CORS = the request was blocked because the Access-Control-Allow-Origin response of the request or the associated preflight specified an origin different from the origin of the context that initiated

Access to XMLHttpRequest at ‘https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin ‘http://perso-site.s3-website-eu-west-1.amazonaws.com' has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: The ‘Access-Control-Allow-Origin’ header has a value ‘http://play.google.com' that is not equal to the supplied origin.

This is the most critical error case that every web developer should take care of.
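The comparison behind that console message, as an added example (not code from the original article): the browser compares the Access-Control-Allow-Origin value returned by the remote server with the serialized origin of the page, character for character. The function names and the sample header values are constructed; the page origin is the S3 URL from the article.

```javascript
// Added example: models the Access-Control-Allow-Origin comparison a browser
// performs on a cross-origin response. Names and inputs are constructed.

// Serialize a URL to its origin (scheme + host + non-default port).
function originOf(url) {
  return new URL(url).origin;
}

// pageUrl: URL of the document that issued the request
// acao: raw Access-Control-Allow-Origin header value (undefined if absent)
// withCredentials: true when the request carries cookies or auth headers
function checkAllowOrigin(pageUrl, acao, withCredentials = false) {
  const origin = originOf(pageUrl);
  if (acao === undefined || acao === null || acao.trim() === "") {
    return { allowed: false, reason: "Access-Control-Allow-Origin is missing" };
  }
  const value = acao.trim();
  if (/[,\s]/.test(value)) {
    return { allowed: false, reason: "header must carry exactly one value" };
  }
  if (value === "*") {
    return withCredentials
      ? { allowed: false, reason: "wildcard is rejected for credentialed requests" }
      : { allowed: true, reason: "wildcard" };
  }
  // Exact string match: scheme, host and port all have to agree.
  if (value === origin) return { allowed: true, reason: "origin matches" };
  return { allowed: false, reason: `'${value}' is not equal to '${origin}'` };
}

// The site from the article, checked against constructed header values.
const PAGE = "http://perso-site.s3-website-eu-west-1.amazonaws.com/";
const samples = [
  ["http://play.google.com", false], // value from the console message
  ["http://perso-site.s3-website-eu-west-1.amazonaws.com", false],
  ["https://perso-site.s3-website-eu-west-1.amazonaws.com", false],
  ["*", false], ["*", true], [undefined, false],
];
for (const [acao, creds] of samples) {
  const r = checkAllowOrigin(PAGE, acao, creds);
  console.log(`${String(acao)} creds=${creds} ->`, r.allowed ? "pass" : "blocked", `(${r.reason})`);
}
```

The header is set by the server that answers the request, so a copied page hosted on another origin cannot change the outcome of this check from its own side.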

Breaking changes = In my case, this is the kind of error that could cause a non-functional issue on the website; however, it does not affect security.

Improvements = These are functional improvements; in my case, in one of the forms to subscribe to the newsletter, there is a missing field.

Conclusion:

In the end, I would prefer the classic approach: static website development, then deploying it on whatever platform you prefer, then keeping your own domain, and then versioning…

This made me sure, once again, that I need to stick to the “DEVSECOPS” model.
