It’s doable, both with v1 and v2, but it may be difficult depending on your response time and security requirements. Just FYI: there’s already discussions happening about deprecating v1, so please go with v2 if you do anything custom
No matter what you do, you probably have to create your own canister for this. There’s two approaches that I can come up with quickly that you can try:
- Exclude certain paths/files from certification. You can (certifiedly) say that certain parts (e.g. the response, specific headers) are dynamic and won’t be certified. Of course this makes things less secure but (at least in my opinion) a lot of use cases aren’t that security critical
- What one of Kyle’s cool projects does: If you want to serve a dynamic response you can upgrade the query to
http_requestto an update call. I that update call you can then add your response to the tree of certified responses (and prune outdated ones). Then you can serve this dynamically. Problem: it takes ~2 seconds do do the whole upgrade dance
Happy to go into more detail if you’re interested, but I’ll keep it short-ish so I don’t type a whole essay
Resources:
- Certification spec
- Rust certification stuff that I wrote when I implemented v2 for the asset canister. Planned to release it as a separate crate but haven’t gotten around to that. Feel free to copy/past the whole folder
- Kyle’s certified cache
- Kyle’s Motoko asset canister, which I suspect uses the certified cache to do some cool things