Rules Hub
Coding Rules Library
Rule priority, scope & exceptions
Use this to align rules with the senior-level structure (P0/P1/P2, scope, exceptions/tradeoffs).
Cover every production host when routing by environment
An incomplete host allowlist silently sends production traffic to the dev/fallback backend.
Bad example
| 1 | const PRODUCTION_HOSTS = new Set(['example.com', 'www.example.com']); |
| 2 |
|
| 3 | export const getBackendBaseUrl = (currentUrl?: string): string => { |
| 4 | if (!currentUrl) return DEV_BASE_URL; |
| 5 | const { hostname } = new URL(currentUrl); |
| 6 | // Any other live host (e.g. shop.example.com) falls through to DEV |
| 7 | return PRODUCTION_HOSTS.has(hostname) ? PROD_BASE_URL : DEV_BASE_URL; |
| 8 | }; |
Explanation (EN)
A live production subdomain like shop.example.com is missing from the set, so its traffic is forced onto the dev backend, causing broken or unstable behavior in production.
Objašnjenje (HR)
Stvarna produkcijska poddomena poput shop.example.com nedostaje u skupu, pa se njezin promet usmjerava na dev backend, što uzrokuje neispravno ili nestabilno ponašanje u produkciji.
Good example
| 1 | const PRODUCTION_HOSTS = new Set([ |
| 2 | 'example.com', |
| 3 | 'www.example.com', |
| 4 | 'shop.example.com', // include every live production host |
| 5 | ]); |
| 6 |
|
| 7 | export const getBackendBaseUrl = (currentUrl?: string): string => { |
| 8 | if (!currentUrl) return DEV_BASE_URL; |
| 9 | const { hostname } = new URL(currentUrl); |
| 10 | return PRODUCTION_HOSTS.has(hostname) ? PROD_BASE_URL : DEV_BASE_URL; |
| 11 | }; |
Explanation (EN)
Every production host the app actually serves is listed, so production traffic always reaches the production backend. Better still, prefer a deny-by-suffix or explicit env signal so new subdomains do not silently fall back to dev.
Objašnjenje (HR)
Navedeni su svi produkcijski hostovi koje aplikacija stvarno poslužuje, pa produkcijski promet uvijek dolazi na produkcijski backend. Još bolje, koristi provjeru po sufiksu domene ili eksplicitni env signal kako nove poddomene ne bi tiho završile na dev-u.
Notes (EN)
When the mapping is host-based, cross-check against hosts that other parts of the code already treat as production so you do not miss one.
Bilješke (HR)
Kada se mapiranje temelji na hostu, provjeri ga uz hostove koje drugi dijelovi koda već tretiraju kao produkcijske kako ne bi izostavio neki.