feat: suppress caching for added project hosts via Cache-Control override

davidnuescheler · davidnuescheler · commit 528134e8f9e5 · 2026-02-11T10:30:59.000-07:00
- Add declarativeNetRequest rules that set response header
  Cache-Control: max-age=60 for all added project hosts (prod,
  preview, live, review)
- Overrides server Cache-Control for HTML (main_frame, sub_frame)
  and JSON (xmlhttprequest) to 1 minute
- Re-apply header config when project is added or updated
diff --git a/src/extension/auth.js b/src/extension/auth.js
@@ -18,10 +18,63 @@ import { ADMIN_ORIGIN } from './utils/admin.js';
 
 const { host: adminHost } = new URL(ADMIN_ORIGIN);
 
+/** Cache-Control max-age in seconds for added project hosts (HTML/JSON). 60 = 1 minute. */
+export const CACHE_MAX_AGE_SECONDS = 60;
+
 function getRandomId() {
   return Math.floor(Math.random() * 1000000);
 }
 
+/**
+ * Returns the hostname (domain) from a project host value (may be domain or full URL).
+ * @param {string} host
+ * @returns {string}
+ */
+function getHostDomain(host) {
+  if (!host || typeof host !== 'string') return '';
+  return host.startsWith('http') ? new URL(host).host : host;
+}
+
+/**
+ * Builds declarativeNetRequest rules that set Cache-Control on responses
+ * for added project hosts.
+ * @param {Object[]} projectConfigs Configs with host, previewHost, liveHost, reviewHost
+ * @returns {Object[]} Rules to add
+ */
+function getCacheControlRules(projectConfigs) {
+  const seen = new Set();
+  const rules = [];
+  const hosts = projectConfigs.flatMap((p) => [
+    p?.host,
+    p?.previewHost,
+    p?.liveHost,
+    p?.reviewHost,
+  ].filter(Boolean).map(getHostDomain)).filter(Boolean);
+  hosts.forEach((domain) => {
+    if (seen.has(domain)) return;
+    seen.add(domain);
+    const escaped = domain.replace(/\./g, '\\.');
+    rules.push({
+      id: getRandomId(),
+      priority: 1,
+      action: {
+        type: 'modifyHeaders',
+        responseHeaders: [{
+          header: 'Cache-Control',
+          operation: 'set',
+          value: `max-age=${CACHE_MAX_AGE_SECONDS}`,
+        }],
+      },
+      condition: {
+        regexFilter: `^https://${escaped}/.*`,
+        requestMethods: ['get'],
+        resourceTypes: ['main_frame', 'sub_frame', 'xmlhttprequest', 'other'],
+      },
+    });
+  });
+  return rules;
+}
+
 /**
  * Sets the x-auth-token header for all requests to the Admin API if project config
  * has an auth token. Also sets the Access-Control-Allow-Origin header for
@@ -35,6 +88,16 @@ export async function configureAuthAndCorsHeaders() {
       removeRuleIds: (await chrome.declarativeNetRequest.getSessionRules())
         .map((rule) => rule.id),
     });
+    const allRules = [];
+
+    // Cache-Control rules for added project hosts (prod, preview, live, review) – override to 1 min
+    const syncHandles = await getConfig('sync', 'projects')
+      || await getConfig('sync', 'hlxSidekickProjects') || [];
+    const syncConfigs = (await Promise.all(
+      syncHandles.map((handle) => getConfig('sync', handle)),
+    )).filter(Boolean);
+    allRules.push(...getCacheControlRules(syncConfigs));
+
     // find projects with auth tokens and add rules for each
     const projects = await getConfig('session', 'projects') || [];
     const addRulesPromises = projects.map(async ({
@@ -130,10 +193,10 @@ export async function configureAuthAndCorsHeaders() {
       return rules;
     });
 
-    const addRules = (await Promise.all(addRulesPromises)).flat();
-    if (addRules.length > 0) {
+    allRules.push(...(await Promise.all(addRulesPromises)).flat());
+    if (allRules.length > 0) {
       await chrome.declarativeNetRequest.updateSessionRules({
-        addRules,
+        addRules: allRules,
       });
     }
   } catch (e) {
diff --git a/src/extension/project.js b/src/extension/project.js
@@ -18,7 +18,7 @@ import {
 } from './config.js';
 import { urlCache } from './url-cache.js';
 import { callAdmin, createAdminUrl } from './utils/admin.js';
-import { setAuthToken } from './auth.js';
+import { configureAuthAndCorsHeaders, setAuthToken } from './auth.js';
 
 export const DEV_URL = 'http://localhost:3000/';
 
@@ -78,6 +78,7 @@ export async function updateProject(project) {
       projects.push(handle);
       await setConfig('sync', { projects });
     }
+    await configureAuthAndCorsHeaders();
     log.info('updated project', project);
     return project;
   }

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ import {`
`18`	`18`	`} from './config.js';`
`19`	`19`	`import { urlCache } from './url-cache.js';`
`20`	`20`	`import { callAdmin, createAdminUrl } from './utils/admin.js';`
`21`		`-import { setAuthToken } from './auth.js';`
	`21`	`+import { configureAuthAndCorsHeaders, setAuthToken } from './auth.js';`
`22`	`22`
`23`	`23`	`export const DEV_URL = 'http://localhost:3000/';`
`24`	`24`
`@@ -78,6 +78,7 @@ export async function updateProject(project) {`
`78`	`78`	`projects.push(handle);`
`79`	`79`	`await setConfig('sync', { projects });`
`80`	`80`	`}`
	`81`	`+ await configureAuthAndCorsHeaders();`
`81`	`82`	`log.info('updated project', project);`
`82`	`83`	`return project;`
`83`	`84`	`}`