ai generated solutions to our ai generated problems

This commit is contained in:
Heidi
2026-06-20 00:14:16 +01:00
parent a05ccf8bbc
commit e7a172f52f
5 changed files with 16 additions and 5 deletions
+4 -1
View File
@@ -89,7 +89,9 @@ the upstream response, rate limits callers, and caches successful GET responses.
Public TSS reads are also written to a bounded JSON snapshot cache and served at
both their `/api/tss/*` route and matching `/data/*` path. Fresh snapshots return
without touching the backend; stale snapshots are served immediately while the
server refreshes them in the background. All responses
server refreshes them in the background. The frontend uses `/api/tss/*` by
default so it can hit this server-side cache directly; set `VITE_STATIC_DATA=true`
only if you explicitly want the client to try `/data/*` first. All responses
ship `X-Content-Type-Options`, `X-Frame-Options: DENY`, `Referrer-Policy`,
`Permissions-Policy`, `Cross-Origin-Opener-Policy`, `Cross-Origin-Resource-Policy`,
HSTS (over HTTPS), and HTML responses include a Content Security Policy that
@@ -116,6 +118,7 @@ PUBLIC_DATA_CACHE_DIR=~/tsswebstorage/public-data
PUBLIC_DATA_CACHE_FRESH_MS=300000
PUBLIC_DATA_CACHE_STALE_MS=86400000
PUBLIC_DATA_PREWARM_INTERVAL_MS=300000
VITE_STATIC_DATA=false
API_RATE_LIMIT_WINDOW_MS=60000
API_RATE_LIMIT_MAX=120
```