Skip to content

feat: Cloudflare edge caching infrastructure for api.worldmonitor.app#471

Merged
koala73 merged 1 commit intomainfrom
cf-edge-caching
Feb 27, 2026
Merged

feat: Cloudflare edge caching infrastructure for api.worldmonitor.app#471
koala73 merged 1 commit intomainfrom
cf-edge-caching

Conversation

@koala73
Copy link
Owner

@koala73 koala73 commented Feb 27, 2026

Summary

  • Web fetch interceptor (installWebApiRedirect) routes RPC traffic through api.worldmonitor.app on production web, enabling CF edge caching
  • Cache-Control headers added to GET 200 responses (s-maxage=300, stale-while-revalidate=60), with no-store override for real-time endpoints (vessel snapshot)
  • CORS updated to allow GET, POST, OPTIONS methods (needed for POST→GET migration in feat: convert 52 API endpoints from POST to GET for edge caching #468)
  • Bot middleware skips api.worldmonitor.app by hostname check (non-spoofable, CF handles bot protection)
  • Desktop cloud fallback routes through api.worldmonitor.app for edge caching benefit

Files changed

File Change
src/services/runtime.ts New installWebApiRedirect(), DEFAULT_REMOTE_HOSTS → api subdomain, APP_HOSTS updated
src/main.ts Call installWebApiRedirect() after desktop fetch patch
api/[domain]/v1/[rpc].ts Default Cache-Control on GET 200, no-store for real-time endpoints
server/cors.ts GET added to allowed methods
middleware.ts Skip bot check for API subdomain by hostname

Depends on

Test plan

  • tsc --noEmit passes
  • Vite production build passes
  • Web: RPC requests on worldmonitor.app route to api.worldmonitor.app
  • Web: Preview deploys keep relative /api/ paths
  • Desktop: Cloud fallback uses api.worldmonitor.app
  • curl -v GET endpoint returns Cache-Control: public, s-maxage=300
  • curl -v vessel snapshot returns Cache-Control: no-store
  • POST endpoints have no Cache-Control header
  • CORS preflight returns GET, POST, OPTIONS

….app

Route web production RPC traffic through api.worldmonitor.app via fetch
interceptor (installWebApiRedirect). Add default Cache-Control headers
(s-maxage=300, stale-while-revalidate=60) on GET 200 responses, with
no-store override for real-time endpoints (vessel snapshot). Update CORS
to allow GET method. Skip Vercel bot middleware for API subdomain using
hostname check (non-spoofable, replacing CF-Ray header approach). Update
desktop cloud fallback to route through api.worldmonitor.app.
@vercel
Copy link

vercel bot commented Feb 27, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
worldmonitor Building Building Preview, Comment Feb 27, 2026 3:43pm
worldmonitor-finance Building Building Preview, Comment Feb 27, 2026 3:43pm
worldmonitor-happy Building Building Preview, Comment Feb 27, 2026 3:43pm
worldmonitor-startup Building Building Preview, Comment Feb 27, 2026 3:43pm

Request Review

@chatgpt-codex-connector
Copy link

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@koala73 koala73 merged commit eabc516 into main Feb 27, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants