Summaru - News and summaries from your favorite subreddits

r/nextjs
Friday, May 9, 2025

Vercel Reduces Web Analytics Price 📉

A Redditor shared that Vercel has significantly reduced the price of its web analytics plus addon, from $50/month to $10/month, which they are happy about since it was one of their highest ongoing costs [27↑].

Some users discussed the competition with Netlify [20↑, 4↑], while others questioned the need for paid analytics given that Google Analytics is free [2↑].

One user pointed out that ad blockers can make Google Analytics data unreliable and mentioned that self-hosted analytics tools offer more accurate measurements [6↑]. Another said that Vercel analytics has a better user experience than Google but is still not as good as open-source alternatives [0↑].

In response, a user concurred with the better UX of Vercel Analytics but highlighted that Google Analytics provides much more in-depth data at no cost [5↑].

Movie Recommendation App Feedback 🎬

A Redditor introduced a movie recommendation and search app, seeking feedback and suggestions for improvement [22↑]. The app offers personalized movie suggestions and features, with account creation being free. The provided link directs to the app's website.

One user shared their similar project, which employed a vector database for similarity searches instead of directly using a Large Language Model (LLM) [12↑]. While they acknowledged that the AI recommendations might not be as advanced as the mentioned app, they emphasized the learning experience gained from building and working with vector databases for anime recommendations.

A question was raised about the app's differentiation from simply using ChatGPT [10↑]. In response, it was pointed out that the app offers a user interface and an attempt for perzonalisation [14↑], but also the creator is paying per token use [27↑].

The app creator emphasized the intention to create an enjoyable movie-searching experience, despite acknowledging its imperfections.

Securing JWT on Frontend: Approaches and Considerations 🔒

A Redditor is seeking advice on how to secure a JWT on the frontend of their Next.js application, where the backend is in Spring Boot [8↑]. The current setup uses session storage to hold the JWT, but a vulnerability was found where the JWT can be copied from a higher authority role tab to one with lower privileges.

One suggestion was to use HTTP-only cookies [32↑, 6↑]. Some users questioned the vulnerability, stating that copying credentials from a user with higher privileges isn't really a vulnerability, but others clarified that access to sensitive information opens the door to potential XSS exploits [14↑].

Another user pointed out that frontends are inherently not secure, as everything is visible to the user [10↑].

Therefore, it is of the upmost importance to double-check everything on the backend, where roles and permissions can be verified before executing sensitive operations [10↑].

Expense Tracker App Built with Next.js 💰

A Redditor shared an app they built for tracking daily expenses [29↑]. The app was introduced to the subreddit with a video. The author described its purpose as logging daily expenses. Comments explore the tools used in the application.

One user asked about the tool that was used to demo the app [8↑]. The app's creator responded with a link to Cursorful [3↑], a tool that seems to have been used in creating the demo. Another commenter inquired about technology behind the User Interface [2↑].