If GitHub stats are anything to go by, Next.js has received incredible attention of late.
Freelancers and enterprises alike are creating their next applications in or migrating their existing ones to Next.js. When I was recently on-boarded to my first account at Sapient, the departing senior XT architect highly recommended that we migrate to it.
But what is Next.js? Let’s first start with that.
The uninitiated probably know that Next.js has something to do with React. What exactly? Is it the next generation of React? Or something lighter and more performant (like Preact)?
I’ll attempt the simplest explanation possible. Next.js is a way to create server-side web pages all the while allowing you to compose your app using React components. It internally uses React’s server-side rendering principles (and perhaps ReactDOMServer?) to create SSR pages.
It’s okay if you don’t get it the first time. So I’ll quote from its official docs.
In the words of Zeit (people behind Next.js) themselves:
You may want to server-side render certain pages and statically prerender others (balancing SEO and speed).
Think about how webapps are created with PHP. You create some files, write PHP code, then simply deploy it. We don’t have to worry about routing much, and the app is rendered on the server by default.
Are we going back to the server-side days? Weren’t we meant to move away from server-side on to client-side for performance reasons? Is creating single page client applications not the latest ritual? Besides, PHP, JSP, Ruby or Rails, ASP.NET… all can apparently do what Next.js promises.
To fully understand this, we must recap the pros and cons of server- and client-heavy apps.
|Time to first byte (TTFB)||Bad|
(html is served after full processing on the server, taking its size up)
(a bare-bones, ultra-lightweight html is served immediately)
|Time to first meaningful paint (TTFMP)||Good|
(user can see the “primary” contents sooner)
(user has to wait for browser’s JS engine to execute all scripts to perceive a page’s “primary” contents)
|Security||Less surface area for vulnerabilities|
(what happens on the server stays on the server)
|More surface area for vulnerabilities|
(increased scope for bad implementations of security due to exposed auth data)
(crawlers can easily parse the entire html rendered then and there)
(crawlers that cannot execute JS code are just left out)
(see the second article in links below)
I highly recommended reading the following articles once:
The second article is especially unmissable, and makes a great point in favor of server-side rendering (SSR) in general. It explains with the help of key practical metrics why SSR wins over CSR in all important areas.
Personally, I have always been a BIG advocate of taking server-side along with client-side development. I don’t believe there’s any such thing as a front-end developer or a back-end developer. A front-end person who doesn’t not know their way around back-end code should not be called a developer in the first place! SSR or not, any app can be performant and secure only if its developers understand the full stack well.