11defmodule JolaDevWeb.Router do
22 use JolaDevWeb , :router
33
4+ @ secure_headers % {
5+ "strict-transport-security" => "max-age=63072000; includeSubDomains" ,
6+ "referrer-policy" => "strict-origin-when-cross-origin" ,
7+ "permissions-policy" => "camera=(), microphone=(), geolocation=()"
8+ }
9+
10+ pipeline :public do
11+ plug :accepts , [ "html" ]
12+ plug :put_root_layout , html: { JolaDevWeb.Layouts , :root }
13+ plug :put_secure_browser_headers , @ secure_headers
14+ plug :put_cdn_cache_header
15+ end
16+
417 pipeline :browser do
518 plug :accepts , [ "html" ]
619 plug :fetch_session
720 plug :fetch_live_flash
821 plug :put_root_layout , html: { JolaDevWeb.Layouts , :root }
922 plug :protect_from_forgery
10-
11- plug :put_secure_browser_headers , % {
12- "strict-transport-security" => "max-age=63072000; includeSubDomains" ,
13- "referrer-policy" => "strict-origin-when-cross-origin" ,
14- "permissions-policy" => "camera=(), microphone=(), geolocation=()"
15- }
23+ plug :put_secure_browser_headers , @ secure_headers
1624 end
1725
1826 pipeline :api do
@@ -25,7 +33,7 @@ defmodule JolaDevWeb.Router do
2533 end
2634
2735 scope "/" , JolaDevWeb do
28- pipe_through :browser
36+ pipe_through :public
2937
3038 get "/" , PageController , :home
3139 get "/about" , PageController , :about
@@ -55,6 +63,10 @@ defmodule JolaDevWeb.Router do
5563 # end
5664
5765 # Enable LiveDashboard in development
66+ defp put_cdn_cache_header ( conn , _opts ) do
67+ put_resp_header ( conn , "cache-control" , "public, s-maxage=86400, max-age=0" )
68+ end
69+
5870 if Application . compile_env ( :jola_dev , :dev_routes ) do
5971 # If you want to use the LiveDashboard in production, you should put
6072 # it behind authentication and allow only admins to access it.
0 commit comments