ai generated solutions to our ai generated problems

Heidi
2026-06-20 00:20:48 +01:00
parent e7a172f52f
commit 7f1e6d0bef
5 changed files with 139 additions and 34 deletions
+8 -7
@@ -86,12 +86,12 @@ Vehicle icon PNGs are served statically at `/vehicle-icons` from `VEHICLE_ICONS_
The proxy blocks cross-origin/API-navigation requests, strips CORS headers from
the upstream response, rate limits callers, and caches successful GET responses.
Public TSS reads are also written to a bounded JSON snapshot cache and served at
both their `/api/tss/*` route and matching `/data/*` path. Fresh snapshots return
without touching the backend; stale snapshots are served immediately while the
server refreshes them in the background. The frontend uses `/api/tss/*` by
default so it can hit this server-side cache directly; set `VITE_STATIC_DATA=true`
only if you explicitly want the client to try `/data/*` first. All responses
Public TSS reads are written to a bounded JSON snapshot cache and served at both
their `/api/tss/*` route and matching `/data/*` path. The frontend uses `/data/*`
by default for public pages. Fresh snapshots return without touching the backend;
stale snapshots are served immediately while the server refreshes them in the
background. Missing `/data/*` snapshots are filled from the matching upstream API
with a short timeout, then written atomically for future requests. All responses
ship `X-Content-Type-Options`, `X-Frame-Options: DENY`, `Referrer-Policy`,
`Permissions-Policy`, `Cross-Origin-Opener-Policy`, `Cross-Origin-Resource-Policy`,
HSTS (over HTTPS), and HTML responses include a Content Security Policy that
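Review bot: The new sentence on cold fills ("Missing `/data/*` snapshots are filled from the matching upstream API with a short timeout") does not say whether those fills go through the rate limiting and cross-origin checks that the same paragraph describes for the proxy, or what the caller receives when the timeout expires. Since `/data/*` is now the frontend default and a miss causes both an upstream request and a cache write, please document both behaviours here, and name the setting that controls the timeout instead of calling it "short".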
@@ -118,7 +118,8 @@ PUBLIC_DATA_CACHE_DIR=~/tsswebstorage/public-data
PUBLIC_DATA_CACHE_FRESH_MS=300000
PUBLIC_DATA_CACHE_STALE_MS=86400000
PUBLIC_DATA_PREWARM_INTERVAL_MS=300000
VITE_STATIC_DATA=false
PUBLIC_DATA_COLD_TIMEOUT_MS=8000
VITE_STATIC_DATA=true
API_RATE_LIMIT_WINDOW_MS=60000
API_RATE_LIMIT_MAX=120
```
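Review bot: `VITE_STATIC_DATA` changes from `false` to `true` in this example, but the revised README paragraph in the earlier hunk no longer mentions the flag, so nothing tells an operator what either value does; add a one-line description alongside the new default. `PUBLIC_DATA_COLD_TIMEOUT_MS=8000` is likewise introduced with no prose that refers to it by name, and 8000 ms is a long time to hold a request open for what the text calls a short timeout, so either state the intent or lower the value.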