-
Notifications
You must be signed in to change notification settings - Fork 212
Expand file tree
/
Copy pathssr.js.hbs
More file actions
94 lines (81 loc) · 3.63 KB
/
ssr.js.hbs
File metadata and controls
94 lines (81 loc) · 3.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
/*
* Copyright (c) 2023, Salesforce, Inc.
* All rights reserved.
* SPDX-License-Identifier: BSD-3-Clause
* For full license text, see the LICENSE file in the repo root or https://opensource.org/licenses/BSD-3-Clause
*/
'use strict'
import path from 'path'
import {getRuntime} from '@salesforce/pwa-kit-runtime/ssr/server/express'
import {defaultPwaKitSecurityHeaders} from '@salesforce/pwa-kit-runtime/utils/middleware'
import {getConfig} from '@salesforce/pwa-kit-runtime/utils/ssr-config'
import helmet from 'helmet'
const options = {
// The build directory (an absolute path)
buildDir: path.resolve(process.cwd(), 'build'),
// The cache time for SSR'd pages (defaults to 600 seconds)
defaultCacheTimeSeconds: 600,
// The contents of the config file for the current environment
mobify: getConfig(),
// The port that the local dev server listens on
port: 3000,
// The protocol on which the development Express app listens.
// Note that http://localhost is treated as a secure context for development,
// except by Safari.
protocol: 'http',
// Option for whether to set up a special endpoint for handling
// private SLAS clients
// Set this to false if using a SLAS public client
// When setting this to true, make sure to also set the PWA_KIT_SLAS_CLIENT_SECRET
// environment variable as this endpoint will return HTTP 501 if it is not set
useSLASPrivateClient: {{answers.project.commerce.isSlasPrivate}},
// If this is enabled, any HTTP header that has a non ASCII value will be URI encoded
// If there any HTTP headers that have been encoded, an additional header will be
// passed, `x-encoded-headers`, containing a comma separated list
// of the keys of headers that have been encoded
// There may be a slight performance loss with requests/responses with large number
// of headers as we loop through all the headers to verify ASCII vs non ASCII
encodeNonAsciiHttpHeaders: true
}
const runtime = getRuntime()
const {handler} = runtime.createHandler(options, (app) => {
// Set default HTTP security headers required by PWA Kit
app.use(defaultPwaKitSecurityHeaders)
// Set custom HTTP security headers
app.use(
helmet({
contentSecurityPolicy: {
useDefaults: true,
directives: {
'img-src': [
// Default source for product images - replace with your CDN
'*.commercecloud.salesforce.com'
],
'script-src': [
// Used by the service worker in /worker/main.js
'storage.googleapis.com'
],
'connect-src': [
// Connect to Einstein APIs
'api.cquotient.com',
'*.c360a.salesforce.com'
]
}
}
})
)
// Handle the redirect from SLAS as to avoid error
app.get('/callback?*', (req, res) => {
// This endpoint does nothing and is not expected to change
// Thus we cache it for a year to maximize performance
res.set('Cache-Control', `max-age=31536000`)
res.send()
})
app.get('/robots.txt', runtime.serveStaticFile('static/robots.txt'))
app.get('/favicon.ico', runtime.serveStaticFile('static/ico/favicon.ico'))
app.get('/worker.js(.map)?', runtime.serveServiceWorker)
app.get('*', runtime.render)
})
// SSR requires that we export a single handler function called 'get', that
// supports AWS use of the server that we created above.
export const get = handler