mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-04 21:04:37 +08:00
a84c7814de
## Summary Follow-up to #1452. `Sec-Fetch-Mode` / `Sec-Fetch-Dest` didn't reliably split HTML vs. markdown at the CDN edge, so curl could still get the HTML landing page. Switch to the `Accept` header: - Browsers send `Accept: text/html,...` on top-level navigations. - `curl`, `fetch()`, and agent fetchers send `*/*` or omit `Accept`. - Serve HTML only when `text/html` is explicitly listed; everything else gets `SKILL.md`. - `Vary` updated to `Accept` to match. ## Test plan - [ ] Deploy preview - [ ] `curl -sSL https://skill.stack-auth.com/ | head -3` returns markdown frontmatter - [ ] Browser load of `https://skill.stack-auth.com/` still shows the HTML landing page - [ ] Purge Vercel cache if stale variants persist <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Improved content format negotiation for skill resources to correctly serve HTML or markdown based on client requests. * **Chores** * Optimized caching behavior for edge and CDN services to enhance global content distribution efficiency. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/hexclave/stack-auth/pull/1454?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| backend | ||
| dashboard | ||
| dev-launchpad | ||
| e2e | ||
| hosted-components | ||
| internal-tool | ||
| mcp | ||
| mock-oauth-server | ||
| oauth-mock-server | ||
| skills | ||
