Practice Domains Reference

When analyzing a task, think about which of these areas it touches. Search for each relevant domain in Step 2.

Core (search for these on almost every web app)

• API design — REST conventions, response format, status codes, pagination
• Error handling — structured error responses, error middleware, graceful shutdown
• Security — CORS, security headers, rate limiting, input sanitization
• Testing — test coverage for critical flows, integration tests
• Database interactions — schema design, migrations, indexes, query patterns
• Accessibility — ARIA, keyboard navigation, form labels, screen reader support

Architectural (search for these on any non-trivial app)

• Separation of concerns — thin routes, service layer, data access layer
• Structured logging — JSON logs, log levels, request IDs (not console.log/print)
• Configuration management — env vars with defaults, no hardcoded values
• Input sanitization — prevent XSS, SQL injection, validate at boundaries

Operational (search for these when building for production)

• Health checks — liveness and readiness endpoints for load balancers
• API documentation — OpenAPI/Swagger, endpoint descriptions
• Caching — HTTP cache headers, in-memory caching for read-heavy endpoints
• Idempotency — safe retries for POST endpoints, prevent duplicates
• Graceful degradation — timeouts, fallbacks, partial responses when dependencies fail

Situational (search only when relevant)

• Real-time patterns — WebSocket/SSE, reconnection, heartbeats
• Performance — lazy loading, bundle optimization, database indexing
• DevOps — Docker, CI/CD, deployment strategies

Don't search for every domain — focus on the ones that matter for this specific task. But for any web application, the Core domains always apply.