Episode 2 — React Frontend Architecture NextJS / 2.21 — Working with Server Actions
2.21.d — Security, Errors & Production
In one sentence: A Server Action is still a network-exposed entry point — treat it with the same skepticism as a POST handler: authenticate, authorize, validate, and plan for abuse.
Navigation: ← Implementing Mutations & Forms · → 2.21 Overview
1. The Threat Model in Plain Language
Attacker tools:
- Browser devtools
- Custom scripts posting to your action endpoint
- Replay of captured requests
If your action only checks permissions in the UI, the attacker bypasses the UI entirely.
Golden rule: Re-validate session, roles, and resource ownership inside every sensitive action — same as inside a Route Handler.
2. Authentication Pattern (Conceptual)
'use server';
import { getSession } from '@/lib/auth';
export async function deletePost(postId: string) {
const session = await getSession();
if (!session) {
throw new Error('Unauthorized');
}
const post = await findPost(postId);
if (!post || post.authorId !== session.userId) {
throw new Error('Forbidden');
}
await removePost(postId);
}
Interview tip: Mention defense in depth — middleware for coarse blocks, fine-grained checks in the action where you have full business context.
3. CSRF and Origin Considerations
Cross-Site Request Forgery tricks a victim’s browser into performing an action they did not intend.
What to say in interviews:
- Frameworks may implement default mitigations (for example, verifying
Origin/Refererheaders for Server Actions in certain configurations). Do not memorize version-specific details as law — read the current Next.js security notes for your version. - For high-risk operations (account deletion, money movement), many teams add step-up confirmation, re-auth, or custom tokens — regardless of transport.
Never claim: “Server Actions are CSRF-proof by magic.” Say: “I verify same-site policies for my version, and I still design dangerous operations carefully.”
4. Input Validation: Always Server-Side
Client-side validation improves UX; server-side validation guarantees correctness.
Recommended pattern:
- Parse
FormDataor JSON-like payloads. - Run Zod / Valibot / similar schema validation.
- Map schema errors to user-visible messages.
import { z } from 'zod';
const CommentSchema = z.object({
body: z.string().min(1).max(2000),
postId: z.string().uuid(),
});
5. Rate Limiting and Abuse
Server Actions can be spammed like any endpoint.
Mitigations (pick what fits your scale):
| Layer | Example |
|---|---|
| Edge / middleware | IP-based throttling for / subtree |
| Server | Token bucket per user id in Redis |
| Application | CAPTCHA on signup/login bursts |
| Database | Unique constraints + idempotent writes |
6. Error Handling Strategies
| Failure type | Suggested handling |
|---|---|
| Validation | Return structured { ok: false, errors } |
| Expected business rule (“insufficient credits”) | Return typed error code the UI maps to copy |
| Unexpected (DB down) | Log server-side + generic user message |
| Auth failure | redirect('/login') or consistent 401 UX |
Avoid: leaking stack traces or internal IDs to end users.
7. Logging and Observability
At minimum, log:
- Action name / correlation id
- User id (if authenticated)
- Latency and outcome (success vs validation vs error)
Do not log: passwords, full payment payloads, raw session tokens.
8. Testing Actions
Because actions are plain async functions, unit test them by importing and calling directly with crafted FormData:
import { describe, it, expect } from 'vitest';
import { createUser } from './actions';
describe('createUser', () => {
it('rejects invalid email', async () => {
const fd = new FormData();
fd.set('email', 'not-an-email');
fd.set('name', 'Ada');
const result = await createUser(fd);
expect(result).toMatchObject({ ok: false });
});
});
For integration confidence, add tests that hit the route-level behavior if you expose combined flows — mirror how you test Express handlers with Supertest, but using Next’s testing guidance for your version.
9. Production Checklist
- Secrets only referenced from server modules (
'use server', Route Handlers, Server Components without leakage). - Authorization checked per action, not only in UI.
- Schema validation on all externally influenced fields.
- Rate limits on auth-sensitive and expensive operations.
- Revalidation strategy defined (avoid stale dashboards after mutations).
- Error messages safe for users; detailed diagnostics only in logs.
10. One Paragraph “Senior Answer”
“Server Actions are server functions invoked through a framework channel, which reduces boilerplate for same-app mutations especially with forms. I still treat them as privileged endpoints: I validate with schemas on the server, re-check session and authorization against the database row, apply rate limits where needed, and return structured errors for expected failures. For external callers and webhooks I keep Route Handlers so I have a clear HTTP contract — Actions and Handlers share the same service layer.”
Back to: 2.21 Overview
Part 2 — Deep Encyclopedia (Security & production)
How to use this section: Read sequentially or jump by drill number. Each block has a scenario, a prompt (what an interviewer might ask), a model answer, and often a code sketch.
E001 — SA drill 1: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 1: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #1.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #1, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E002 — SA drill 2: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 2: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #2.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #2, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E003 — SA drill 3: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 3: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #3.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #3, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E004 — SA drill 4: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 4: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #4.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #4, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E005 — SA drill 5: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 5: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #5.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #5, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E006 — SA drill 6: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 6: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #6.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #6, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E007 — SA drill 7: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 7: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #7.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #7, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E008 — SA drill 8: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 8: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #8.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #8, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E009 — SA drill 9: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 9: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #9.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #9, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E010 — SA drill 10: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 10: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #10.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #10, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E011 — SA drill 11: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 11: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #11.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #11, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E012 — SA drill 12: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 12: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #12.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #12, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E013 — SA drill 13: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 13: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #13.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #13, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E014 — SA drill 14: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 14: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #14.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #14, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E015 — SA drill 15: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 15: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #15.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #15, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E016 — SA drill 16: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 16: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #16.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #16, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E017 — SA drill 17: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 17: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #17.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #17, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E018 — SA drill 18: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 18: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #18.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #18, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E019 — SA drill 19: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 19: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #19.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #19, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E020 — SA drill 20: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 20: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #20.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #20, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E021 — SA drill 21: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 21: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #21.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #21, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E022 — SA drill 22: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 22: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #22.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #22, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E023 — SA drill 23: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 23: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #23.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #23, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E024 — SA drill 24: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 24: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #24.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #24, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E025 — SA drill 25: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 25: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #25.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #25, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E026 — SA drill 26: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 26: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #26.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #26, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E027 — SA drill 27: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 27: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #27.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #27, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E028 — SA drill 28: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 28: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #28.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #28, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E029 — SA drill 29: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 29: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #29.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #29, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E030 — SA drill 30: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 30: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #30.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #30, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E031 — SA drill 31: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 31: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #31.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #31, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E032 — SA drill 32: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 32: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #32.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #32, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E033 — SA drill 33: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 33: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #33.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #33, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E034 — SA drill 34: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 34: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #34.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #34, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E035 — SA drill 35: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 35: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #35.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #35, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E036 — SA drill 36: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 36: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #36.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #36, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E037 — SA drill 37: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 37: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #37.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #37, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E038 — SA drill 38: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 38: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #38.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #38, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E039 — SA drill 39: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 39: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #39.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #39, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E040 — SA drill 40: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 40: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #40.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #40, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E041 — SA drill 41: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 41: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #41.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #41, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E042 — SA drill 42: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 42: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #42.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #42, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E043 — SA drill 43: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 43: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #43.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #43, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E044 — SA drill 44: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 44: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #44.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #44, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E045 — SA drill 45: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 45: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #45.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #45, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E046 — SA drill 46: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 46: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #46.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #46, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E047 — SA drill 47: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 47: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #47.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #47, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E048 — SA drill 48: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 48: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #48.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #48, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E049 — SA drill 49: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 49: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #49.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #49, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E050 — SA drill 50: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 50: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #50.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #50, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E051 — SA drill 51: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 51: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #51.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #51, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E052 — SA drill 52: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 52: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #52.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #52, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E053 — SA drill 53: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 53: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #53.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #53, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E054 — SA drill 54: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 54: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #54.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #54, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E055 — SA drill 55: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 55: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #55.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #55, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E056 — SA drill 56: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 56: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #56.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #56, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E057 — SA drill 57: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 57: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #57.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #57, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E058 — SA drill 58: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 58: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #58.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #58, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E059 — SA drill 59: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 59: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #59.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #59, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E060 — SA drill 60: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 60: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #60.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #60, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E061 — SA drill 61: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 61: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #61.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #61, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E062 — SA drill 62: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 62: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #62.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #62, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E063 — SA drill 63: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 63: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #63.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #63, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E064 — SA drill 64: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 64: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #64.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #64, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E065 — SA drill 65: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 65: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #65.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #65, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E066 — SA drill 66: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 66: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #66.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #66, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E067 — SA drill 67: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 67: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #67.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #67, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E068 — SA drill 68: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 68: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #68.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #68, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E069 — SA drill 69: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 69: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #69.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #69, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E070 — SA drill 70: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 70: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #70.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #70, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E071 — SA drill 71: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 71: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #71.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #71, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E072 — SA drill 72: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 72: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #72.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #72, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E073 — SA drill 73: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 73: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #73.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #73, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E074 — SA drill 74: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 74: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #74.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #74, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E075 — SA drill 75: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 75: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #75.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #75, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E076 — SA drill 76: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 76: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #76.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #76, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E077 — SA drill 77: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 77: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #77.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #77, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E078 — SA drill 78: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 78: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #78.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #78, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E079 — SA drill 79: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 79: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #79.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #79, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E080 — SA drill 80: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 80: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #80.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #80, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E081 — SA drill 81: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 81: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #81.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #81, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E082 — SA drill 82: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 82: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #82.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #82, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E083 — SA drill 83: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 83: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #83.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #83, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E084 — SA drill 84: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 84: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #84.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #84, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E085 — SA drill 85: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 85: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #85.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #85, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E086 — SA drill 86: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 86: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #86.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #86, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E087 — SA drill 87: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 87: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #87.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #87, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E088 — SA drill 88: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 88: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #88.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #88, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E089 — SA drill 89: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 89: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #89.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #89, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E090 — SA drill 90: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 90: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #90.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #90, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E091 — SA drill 91: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 91: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #91.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #91, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E092 — SA drill 92: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 92: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #92.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #92, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E093 — SA drill 93: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 93: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #93.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #93, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E094 — SA drill 94: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 94: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #94.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #94, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E095 — SA drill 95: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 95: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #95.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #95, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E096 — SA drill 96: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 96: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #96.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #96, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E097 — SA drill 97: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 97: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #97.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #97, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E098 — SA drill 98: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 98: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #98.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #98, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E099 — SA drill 99: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 99: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #99.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #99, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E100 — SA drill 100: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 100: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #100.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #100, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E101 — SA drill 101: Double-submit: user clicks Save twice rapidly.
Scenario: Double-submit: user clicks Save twice rapidly. (variation 101: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #101.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #101, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E102 — SA drill 102: Optimistic UI then server rejects
Scenario: Optimistic UI then server rejects — rollback strategy. (variation 102: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #102.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #102, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E103 — SA drill 103: Passing class instances as action arguments by mistake.
Scenario: Passing class instances as action arguments by mistake. (variation 103: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #103.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #103, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E104 — SA drill 104: File upload via Server Action size limits.
Scenario: File upload via Server Action size limits. (variation 104: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #104.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #104, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E105 — SA drill 105: Calling action inside useEffect infinite loop footgun.
Scenario: Calling action inside useEffect infinite loop footgun. (variation 105: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #105.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #105, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E106 — SA drill 106: Server Action + external redirect open redirect vulnerability.
Scenario: Server Action + external redirect open redirect vulnerability. (variation 106: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #106.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #106, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E107 — SA drill 107: Mixing use server in shared util imported by client.
Scenario: Mixing use server in shared util imported by client. (variation 107: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #107.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #107, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E108 — SA drill 108: Testing actions with mocked headers() cookies.
Scenario: Testing actions with mocked headers() cookies. (variation 108: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #108.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #108, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E109 — SA drill 109: Internationalization error messages from Zod in action.
Scenario: Internationalization error messages from Zod in action. (variation 109: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #109.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #109, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}
E110 — SA drill 110: Batching multiple mutations in one transition.
Scenario: Batching multiple mutations in one transition. (variation 110: consider deployment on a serverless platform with regional databases.)
Prompt: Explain trade-offs and what you would measure (latency, error rate, cost) before/after a change for case #110.
Model answer: Start by naming the user-visible symptom (SEO, staleness, TTFB, consistency). List hypotheses (N+1 queries, blocking waterfall, wrong cache directive, missing revalidation). Propose one smallest experiment: add logging/timing, reduce sequential awaits, adjust revalidate window, or move work to background job. Define rollback. For #110, emphasize that measurement beats opinions: compare p50/p95 TTFB and conversion where relevant.
'use server';
export async function save(prev: unknown, formData: FormData) {
// validate, idempotent write keyed by client intent
return { ok: true as const };
}