luna/luna-portfolio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SHSF-backed contact form #1

Merged
space merged 2 commits from feat/contact-form-shsf into master 2026-04-14 18:49:18 +02:00
Conversation 1 Commits 2 Files Changed 4 +364 -32
luna commented 2026-04-14 18:44:11 +02:00
Owner
Copy Link

Summary

  • add a SHSF contact form API that stores submissions in SHSF storage
  • add IP rate limiting using /app/ratelimit.json
  • integrate the contact form into the luna portfolio contact section
  • add .shsf.json mapping for the deployed SHSF function

Testing

  • npm run build
  • npm run lint (existing warning in src/hooks/useIntersectionObserver.js)
  • manual shsf function execute --id 89 ... submission test, verified DB write
  • repeated manual shsf function execute --id 89 ... runs to verify 429 rate limiting

Known blocker

The SHSF function itself works via CLI execution and stores records correctly, but the real browser-facing HTTP endpoint is still returning:

SERVER CORS Policy: This origin is not allowed access

for Origin: https://luna.reversed.dev against https://shsf-api.reversed.dev/api/exec/17/89/default.

So the website integration is implemented, but live browser submission still depends on the SHSF server-level CORS config actually allowing that origin.

## Summary - add a SHSF contact form API that stores submissions in SHSF storage - add IP rate limiting using `/app/ratelimit.json` - integrate the contact form into the luna portfolio contact section - add `.shsf.json` mapping for the deployed SHSF function ## Testing - `npm run build` - `npm run lint` (existing warning in `src/hooks/useIntersectionObserver.js`) - manual `shsf function execute --id 89 ...` submission test, verified DB write - repeated manual `shsf function execute --id 89 ...` runs to verify 429 rate limiting ## Known blocker The SHSF function itself works via CLI execution and stores records correctly, but the real browser-facing HTTP endpoint is still returning: `SERVER CORS Policy: This origin is not allowed access` for `Origin: https://luna.reversed.dev` against `https://shsf-api.reversed.dev/api/exec/17/89/default`. So the website integration is implemented, but live browser submission still depends on the SHSF server-level CORS config actually allowing that origin.
luna added 1 commit 2026-04-14 18:44:11 +02:00
Add SHSF-backed contact form e47c51ae29
luna added 1 commit 2026-04-14 18:46:20 +02:00
Fix SHSF contact endpoint URL 643fcd3073
luna commented 2026-04-14 18:46:41 +02:00
Author
Owner
Copy Link

Update: the blocker was my bad URL shape. The real SHSF execution endpoint is https://shsf-api.reversed.dev/api/exec/17/cba6645c-2ca2-4e7a-ad94-e6114cbde761, not /api/exec/17/89/default. I updated the frontend to the correct endpoint and pushed the fix. I re-tested the real HTTP path and it now responds with proper CORS headers from the function. The current HTTP result is 429 only because the function-level IP rate limiter is already tripped from my earlier test spam, which is expected behavior, not a platform blocker.

Update: the blocker was my bad URL shape. The real SHSF execution endpoint is https://shsf-api.reversed.dev/api/exec/17/cba6645c-2ca2-4e7a-ad94-e6114cbde761, not /api/exec/17/89/default. I updated the frontend to the correct endpoint and pushed the fix. I re-tested the real HTTP path and it now responds with proper CORS headers from the function. The current HTTP result is 429 only because the function-level IP rate limiter is already tripped from my earlier test spam, which is expected behavior, not a platform blocker.
space merged commit a51f430f80 into master 2026-04-14 18:49:18 +02:00
space deleted branch feat/contact-form-shsf 2026-04-14 18:49:21 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
luna
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: luna/luna-portfolio#1
Delete Branch "feat/contact-form-shsf"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?