efcfa66c07349f4b5cf28a0fa2c07f9938768cbb
OpenFreeMap's nginx blocks browser-origin requests on every endpoint — not only /planet (the TileJSON) but the versioned vector tiles too. Verified live: GET tiles.openfreemap.org/planet/20260520_001001_pt/6/36/22.pbf with Origin: https://tools.beletage.ro returns 403 (plain nginx, not Cloudflare).

Yesterday's /api/basemap-style proxy fixed the TileJSON resolution, but every subsequent tile fetch still died at openfreemap's edge → empty cream map again.

Two pieces here:

1. New /api/basemap-tile/[...path] catch-all that proxies ANY openfreemap resource (tiles, sprite, glyphs). Plain server-side fetch with no Origin header — passes openfreemap's filter — then streams the upstream body back to the browser. Cache-Control aggressive (24h public + 7d SWR + immutable) since openfreemap paths are versioned and never mutate.
2. /api/basemap-style rewrites every tiles.openfreemap.org URL inside the resolved style (tile templates + sprite + glyphs) to point at the proxy prefix above. The browser now never talks to openfreemap directly.

Plus the middleware bypass widens from `api/basemap-style` to the prefix `api/basemap-` so both proxy routes load without auth.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
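The two pieces the commit message describes, as an added TypeScript example that is not the commit's own code: `rewriteStyle` repoints every tiles.openfreemap.org URL in a style at the proxy, and `upstreamUrl` maps the catch-all's path segments back to an upstream URL while refusing anything that could leave that host, which matters because the route loads without auth. The function names, the `PROXY_PREFIX` value and the sample style are assumptions.

```typescript
// Added example; not the project's code. Names below are assumptions.
const UPSTREAM = "https://tiles.openfreemap.org/";
const PROXY_PREFIX = "/api/basemap-tile/"; // assumed mount point of the catch-all

// Rewrite every string that starts with the upstream origin. Plain prefix
// replacement keeps {z}/{x}/{y} and {fontstack} templates intact; parsing
// them through URL would percent-encode the braces.
function rewriteStyle(node: unknown): unknown {
  if (typeof node === "string") {
    return node.startsWith(UPSTREAM) ? PROXY_PREFIX + node.slice(UPSTREAM.length) : node;
  }
  if (Array.isArray(node)) return node.map(rewriteStyle);
  if (node !== null && typeof node === "object") {
    const src = node as Record<string, unknown>;
    const out: Record<string, unknown> = {};
    for (const key of Object.keys(src)) out[key] = rewriteStyle(src[key]);
    return out;
  }
  return node;
}

// Map the catch-all's path segments to an upstream URL, or null to refuse.
function upstreamUrl(segments: string[]): string | null {
  if (segments.length === 0) return null;
  for (const s of segments) {
    // No empty, dot or separator-bearing segments: nothing may climb or re-root.
    if (s === "" || s === "." || s === ".." || s.includes("/") || s.includes("\\")) return null;
  }
  const url = new URL(UPSTREAM + segments.map(encodeURIComponent).join("/"));
  // The host is fixed by construction; re-check it after parsing anyway.
  return url.origin + "/" === UPSTREAM ? url.href : null;
}

// Constructed sample style (not OpenFreeMap's real style document).
const sampleStyle = {
  sprite: "https://tiles.openfreemap.org/sprites/example/sprite",
  glyphs: "https://tiles.openfreemap.org/fonts/{fontstack}/{range}.pbf",
  sources: {
    openmaptiles: {
      type: "vector",
      tiles: ["https://tiles.openfreemap.org/planet/20260520_001001_pt/{z}/{x}/{y}.pbf"],
    },
    other: { type: "raster", tiles: ["https://example.invalid/{z}/{x}/{y}.png"] },
  },
};
```

Because each segment is passed through `encodeURIComponent`, a segment such as `%2e%2e` reaches the upstream as a literal name rather than as a parent-directory reference.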
pre-launch hardening: Address Book type sort, Hot Desk proportions, TVA calculator, ROADMAP Phase 4B