I'm building a website where users can execute small Python and C# snippets, but I need to measure the runtime of these processes. I found out that platforms like Netlify and Vercel don't support running Docker or custom runtimes, which leads me to seek a backend solution that can create isolated containers for execution.
I'm a bit confused about the architecture I should use. Here are my options:
- Should I host the frontend and backend separately (frontend on Netlify/Vercel and backend on a different platform like Render or AWS)?
- Or would it make more sense to host both the frontend and backend on Render as two services?
- Is there another approach that might be better?
The backend needs to:
- Run Docker containers
- Sandbox code submitted by users
- Enforce execution time limits
- Return both stdout/stderr and execution time
If anyone with experience in online coding platforms, judge systems, or safe execution environments could shed some light on the simplest and cleanest setup, that would be incredibly helpful!
2 Answers
If you're asking these kinds of questions, I highly recommend against trying to run untrusted code on your backend. You really need to know your stuff to do this safely.
Using WebAssembly (WASM) could be an option, like with Blazor. It allows you to run a lot of code on the client side. Just keep in mind that even with tight security measures, it could lead to issues if someone tries to exploit it.
Glad to hear that the creator of Compiler Explorer didn’t take that advice to heart—he figured it out along the way!