Night Mode Labs Blue Book
Service Archetypes

Public Web App

Public web apps need strong edge controls, safe release patterns, frontend observability, and clear ownership for customer-facing impact.

Typical architecture

Required controls

  • TLS, secure headers, and cache policy.
  • Authentication and authorization for protected routes.
  • CDN invalidation and rollback plan.
  • Frontend error and web-vitals monitoring.
  • Synthetic checks for critical flows.
  • Dependency and package scanning.
  • Data handling rules for browser-visible configuration.

Release guidance

Use preview deployments for pull requests and promote immutable builds where possible. Pair release flags with server-side authorization for sensitive behavior.

Readiness checks

Before production, confirm:

  • Critical user journeys have synthetic or smoke coverage.
  • Error reporting includes release, route, browser, and device context.
  • CDN cache behavior is documented.
  • Rollback and cache invalidation are tested.
  • Accessibility and security header checks run in delivery.

Watchouts

  • Client-side flags are not security controls.
  • Browser-exposed environment variables are public.
  • CDN caching can make rollback confusing.
  • Frontend incidents often appear to users before backend alerts fire.
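
The release guidance and the first watchout above, shown as an added example that is not part of the original page: a handler that trusts a browser-supplied flag beside one that reads the flag server-side and authorizes the session independently. The flag name, role names, permission string and request shape are hypothetical.

```javascript
// Added example. All names (bulk-export, billing-admin, export:invoices) are hypothetical.

// Constructed sample: flag state as a server-side flag store would return it.
const SERVER_FLAGS = { 'bulk-export': { enabled: true } };

// Permissions are derived from the verified session role, never from request input.
const ROLE_PERMISSIONS = {
  'billing-admin': new Set(['export:invoices']),
  'viewer': new Set(),
};

function isFlagOn(name, flags) {
  const flag = flags[name];
  return Boolean(flag && flag.enabled);
}

function isAuthorized(session, permission) {
  if (!session || !session.userId) return false;
  const perms = ROLE_PERMISSIONS[session.role];
  return Boolean(perms && perms.has(permission));
}

// Weak shape: the flag value arrives from the browser, so any caller can set it.
function handleExportNaive(req) {
  if (req.body && req.body.flags && req.body.flags['bulk-export']) {
    return { status: 200, body: 'export started' };
  }
  return { status: 404, body: 'not found' };
}

// Paired shape: the flag decides whether the feature is released at all,
// authorization decides who may use it. Both are evaluated on the server.
function handleExport(req, flags = SERVER_FLAGS) {
  if (!isFlagOn('bulk-export', flags)) {
    return { status: 404, body: 'not found' };      // feature not released
  }
  if (!req.session || !req.session.userId) {
    return { status: 401, body: 'sign in required' };
  }
  if (!isAuthorized(req.session, 'export:invoices')) {
    return { status: 403, body: 'forbidden' };      // flag on, caller not allowed
  }
  return { status: 200, body: 'export started' };
}
```

Turning the flag off removes the route for everyone, and turning it on never widens who is authorized.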
