perf(cache): CF edge caching + eliminate request storms (~25M/week saved) (koala73#2829)

* perf(cache): add CF edge caching, eliminate request storms

Three changes to reduce origin request volume:

1. Gateway cache tiers now include `public, s-maxage` so Cloudflare
   can cache API responses at edge (previously browser-only). Bumped
   27 slow-seeded endpoints to appropriate tiers (static->daily for
   6h+ seeds, slow->static for 2h seeds).

2. Population exposure: moved computation client-side. The server
   handler is pure math on 20 hardcoded countries, no reason for
   network calls. Eliminates ~17.7M requests/week (20 calls per
   page load -> 0).

3. Consumer prices: wrapped fetchAllMarketsOverview in a circuit
   breaker so the combined 8-market result is cached as a unit.
   Returning visitors within 30min hit localStorage instead of
   firing 8 separate API calls.

* test: update shipping-rates tier assertion (static -> daily)

* test: update cache tier assertions for three-tier caching design

* fix(security): force slow-browser tier for premium endpoints

Premium endpoints (PREMIUM_RPC_PATHS + ENDPOINT_ENTITLEMENTS) must not
get public s-maxage headers. CF would cache authenticated responses and
serve them without re-running auth/entitlement checks. Force these to
slow-browser tier (browser-only max-age, no public/s-maxage).

* fix(security): add list-market-implications to PREMIUM_RPC_PATHS

PRO-only panel endpoint was missing from premium paths, allowing CF
edge caching to serve authenticated responses to unauthenticated users.

* chore: disable deduct-situation panel and endpoint

Panel set to enabled:false in panels.ts, server handler returns
early with provider:'disabled'. Code preserved for re-enabling later.

* fix(security): suppress CDN-Cache-Control for premium endpoints too

P1: slow-browser tier still had CDN-Cache-Control with public s-maxage,
letting Vercel CDN cache premium responses for same-origin requests.
Now CDN caching is fully disabled for premium endpoints.

P2: revert server-side deduct-situation disable. Keep backend intact
so the published API and correlation engine enrichment still work.
Only the panel is disabled (enabled:false in panels.ts).

Author: koala73

server/gateway.ts

@@ -28,17 +28,16 @@ export const serverOptions: ServerOptions = { onError: mapErrorToResponse };
 
 type CacheTier = 'fast' | 'medium' | 'slow' | 'slow-browser' | 'static' | 'daily' | 'no-store';
 
-// Browser-only cache: no `public` or `s-maxage` so Cloudflare (which ignores
-// Vary: Origin) does NOT cache these responses. CF sits in front of api.worldmonitor.app
-// and would otherwise pin ACAO: worldmonitor.app on the cached response, breaking CORS
-// for preview deployments. Vercel CDN caching is handled separately by CDN-Cache-Control.
+// Three-tier caching: browser (max-age) → CF edge (s-maxage) → Vercel CDN (CDN-Cache-Control).
+// CF ignores Vary: Origin so it may pin a single ACAO value, but this is acceptable
+// since production traffic is same-origin and preview deployments hit Vercel CDN directly.
 const TIER_HEADERS: Record<CacheTier, string> = {
-  fast: 'max-age=60, stale-while-revalidate=60, stale-if-error=600',
-  medium: 'max-age=120, stale-while-revalidate=120, stale-if-error=900',
-  slow: 'max-age=300, stale-while-revalidate=300, stale-if-error=3600',
+  fast: 'public, max-age=60, s-maxage=300, stale-while-revalidate=60, stale-if-error=600',
+  medium: 'public, max-age=120, s-maxage=600, stale-while-revalidate=120, stale-if-error=900',
+  slow: 'public, max-age=300, s-maxage=1800, stale-while-revalidate=300, stale-if-error=3600',
   'slow-browser': 'max-age=300, stale-while-revalidate=60, stale-if-error=1800',
-  static: 'max-age=600, stale-while-revalidate=600, stale-if-error=14400',
-  daily: 'max-age=3600, stale-while-revalidate=7200, stale-if-error=172800',
+  static: 'public, max-age=600, s-maxage=3600, stale-while-revalidate=600, stale-if-error=14400',
+  daily: 'public, max-age=3600, s-maxage=14400, stale-while-revalidate=7200, stale-if-error=172800',
   'no-store': 'no-store',
 };
 
@@ -80,7 +79,7 @@ const RPC_CACHE_TIER: Record<string, CacheTier> = {
   '/api/infrastructure/v1/list-internet-traffic-anomalies': 'slow',
 
   '/api/unrest/v1/list-unrest-events': 'slow',
-  '/api/cyber/v1/list-cyber-threats': 'slow',
+  '/api/cyber/v1/list-cyber-threats': 'static',
   '/api/conflict/v1/list-acled-events': 'slow',
   '/api/military/v1/get-theater-posture': 'slow',
   '/api/infrastructure/v1/get-temporal-baseline': 'slow',
@@ -99,7 +98,7 @@ const RPC_CACHE_TIER: Record<string, CacheTier> = {
   '/api/natural/v1/list-natural-events': 'slow',
   '/api/wildfire/v1/list-fire-detections': 'static',
   '/api/maritime/v1/list-navigational-warnings': 'static',
-  '/api/supply-chain/v1/get-shipping-rates': 'static',
+  '/api/supply-chain/v1/get-shipping-rates': 'daily',
   '/api/economic/v1/get-fred-series': 'static',
   '/api/economic/v1/get-bls-series': 'daily',
   '/api/economic/v1/get-energy-prices': 'static',
@@ -108,41 +107,41 @@ const RPC_CACHE_TIER: Record<string, CacheTier> = {
   '/api/giving/v1/get-giving-summary': 'static',
   '/api/intelligence/v1/get-country-intel-brief': 'static',
   '/api/intelligence/v1/get-gdelt-topic-timeline': 'medium',
-  '/api/climate/v1/list-climate-anomalies': 'static',
-  '/api/climate/v1/list-climate-disasters': 'static',
-  '/api/climate/v1/get-co2-monitoring': 'static',
-  '/api/climate/v1/get-ocean-ice-data': 'static',
+  '/api/climate/v1/list-climate-anomalies': 'daily',
+  '/api/climate/v1/list-climate-disasters': 'daily',
+  '/api/climate/v1/get-co2-monitoring': 'daily',
+  '/api/climate/v1/get-ocean-ice-data': 'daily',
   '/api/climate/v1/list-air-quality-data': 'fast',
   '/api/climate/v1/list-climate-news': 'slow',
-  '/api/sanctions/v1/list-sanctions-pressure': 'static',
+  '/api/sanctions/v1/list-sanctions-pressure': 'daily',
   '/api/sanctions/v1/lookup-sanction-entity': 'no-store',
   '/api/radiation/v1/list-radiation-observations': 'slow',
   '/api/thermal/v1/list-thermal-escalations': 'slow',
-  '/api/research/v1/list-tech-events': 'static',
-  '/api/military/v1/get-usni-fleet-report': 'static',
+  '/api/research/v1/list-tech-events': 'daily',
+  '/api/military/v1/get-usni-fleet-report': 'daily',
   '/api/military/v1/list-defense-patents': 'daily',
-  '/api/conflict/v1/list-ucdp-events': 'static',
-  '/api/conflict/v1/get-humanitarian-summary': 'static',
+  '/api/conflict/v1/list-ucdp-events': 'daily',
+  '/api/conflict/v1/get-humanitarian-summary': 'daily',
   '/api/conflict/v1/list-iran-events': 'slow',
-  '/api/displacement/v1/get-displacement-summary': 'static',
-  '/api/displacement/v1/get-population-exposure': 'static',
-  '/api/economic/v1/get-bis-policy-rates': 'static',
-  '/api/economic/v1/get-bis-exchange-rates': 'static',
-  '/api/economic/v1/get-bis-credit': 'static',
-  '/api/trade/v1/get-tariff-trends': 'static',
-  '/api/trade/v1/get-trade-flows': 'static',
-  '/api/trade/v1/get-trade-barriers': 'static',
-  '/api/trade/v1/get-trade-restrictions': 'static',
-  '/api/trade/v1/get-customs-revenue': 'static',
-  '/api/trade/v1/list-comtrade-flows': 'static',
-  '/api/economic/v1/list-world-bank-indicators': 'static',
-  '/api/economic/v1/get-energy-capacity': 'static',
-  '/api/economic/v1/list-grocery-basket-prices': 'static',
-  '/api/economic/v1/list-bigmac-prices': 'static',
-  '/api/economic/v1/list-fuel-prices': 'static',
-  '/api/economic/v1/get-fao-food-price-index': 'static',
-  '/api/economic/v1/get-crude-inventories': 'static',
-  '/api/economic/v1/get-nat-gas-storage': 'static',
+  '/api/displacement/v1/get-displacement-summary': 'daily',
+  '/api/displacement/v1/get-population-exposure': 'daily',
+  '/api/economic/v1/get-bis-policy-rates': 'daily',
+  '/api/economic/v1/get-bis-exchange-rates': 'daily',
+  '/api/economic/v1/get-bis-credit': 'daily',
+  '/api/trade/v1/get-tariff-trends': 'daily',
+  '/api/trade/v1/get-trade-flows': 'daily',
+  '/api/trade/v1/get-trade-barriers': 'daily',
+  '/api/trade/v1/get-trade-restrictions': 'daily',
+  '/api/trade/v1/get-customs-revenue': 'daily',
+  '/api/trade/v1/list-comtrade-flows': 'daily',
+  '/api/economic/v1/list-world-bank-indicators': 'daily',
+  '/api/economic/v1/get-energy-capacity': 'daily',
+  '/api/economic/v1/list-grocery-basket-prices': 'daily',
+  '/api/economic/v1/list-bigmac-prices': 'daily',
+  '/api/economic/v1/list-fuel-prices': 'daily',
+  '/api/economic/v1/get-fao-food-price-index': 'daily',
+  '/api/economic/v1/get-crude-inventories': 'daily',
+  '/api/economic/v1/get-nat-gas-storage': 'daily',
   '/api/economic/v1/get-eu-yield-curve': 'daily',
   '/api/supply-chain/v1/get-critical-minerals': 'daily',
   '/api/military/v1/get-aircraft-details': 'static',
@@ -160,7 +159,7 @@ const RPC_CACHE_TIER: Record<string, CacheTier> = {
   '/api/infrastructure/v1/get-cable-health': 'slow',
   '/api/positive-events/v1/list-positive-geo-events': 'slow',
 
-  '/api/military/v1/list-military-bases': 'static',
+  '/api/military/v1/list-military-bases': 'daily',
   '/api/economic/v1/get-macro-signals': 'medium',
   '/api/economic/v1/get-national-debt': 'daily',
   '/api/prediction/v1/list-prediction-markets': 'medium',
@@ -171,7 +170,7 @@ const RPC_CACHE_TIER: Record<string, CacheTier> = {
   '/api/news/v1/list-feed-digest': 'slow',
   '/api/intelligence/v1/get-country-facts': 'daily',
   '/api/intelligence/v1/list-security-advisories': 'slow',
-  '/api/intelligence/v1/list-satellites': 'slow',
+  '/api/intelligence/v1/list-satellites': 'static',
   '/api/intelligence/v1/list-gps-interference': 'slow',
   '/api/intelligence/v1/list-cross-source-signals': 'medium',
   '/api/intelligence/v1/list-oref-alerts': 'fast',
@@ -424,15 +423,17 @@ export function createDomainGateway(
       } else {
         const rpcName = pathname.split('/').pop() ?? '';
         const envOverride = process.env[`CACHE_TIER_OVERRIDE_${rpcName.replace(/-/g, '_').toUpperCase()}`] as CacheTier | undefined;
-        const tier = (envOverride && envOverride in TIER_HEADERS ? envOverride : null) ?? RPC_CACHE_TIER[pathname] ?? 'medium';
+        const isPremium = PREMIUM_RPC_PATHS.has(pathname) || getRequiredTier(pathname) !== null;
+        const tier = isPremium ? 'slow-browser' as CacheTier
+          : (envOverride && envOverride in TIER_HEADERS ? envOverride : null) ?? RPC_CACHE_TIER[pathname] ?? 'medium';
         mergedHeaders.set('Cache-Control', TIER_HEADERS[tier]);
         // Only allow Vercel CDN caching for trusted origins (worldmonitor.app, Vercel previews,
         // Tauri). No-origin server-side requests (external scrapers) must always reach the edge
         // function so the auth check in validateApiKey() can run. Without this guard, a cached
         // 200 from a trusted-origin browser request could be served to a no-origin scraper,
         // bypassing auth entirely.
         const reqOrigin = request.headers.get('origin') || '';
-        const cdnCache = isAllowedOrigin(reqOrigin) ? TIER_CDN_CACHE[tier] : null;
+        const cdnCache = !isPremium && isAllowedOrigin(reqOrigin) ? TIER_CDN_CACHE[tier] : null;
         if (cdnCache) mergedHeaders.set('CDN-Cache-Control', cdnCache);
         mergedHeaders.set('X-Cache-Tier', tier);
 

src/config/panels.ts

@@ -98,7 +98,7 @@ const FULL_PANELS: Record<string, PanelConfig> = {
   'national-debt': { name: 'Global Debt Clock', enabled: true, priority: 2 },
   'cross-source-signals': { name: 'Cross-Source Signals', enabled: true, priority: 2 },
   'market-implications': { name: 'AI Market Implications', enabled: true, priority: 1, premium: 'locked' as const },
-  'deduction': { name: 'Deduct Situation', enabled: true, priority: 1, premium: 'locked' as const },
+  'deduction': { name: 'Deduct Situation', enabled: false, priority: 1, premium: 'locked' as const },
   'geo-hubs': { name: 'Geopolitical Hubs', enabled: false, priority: 2 },
   'tech-hubs': { name: 'Hot Tech Hubs', enabled: false, priority: 2 },
 };

src/services/consumer-prices/index.ts

@@ -257,8 +257,17 @@ export async function fetchConsumerPriceFreshness(
   }
 }
 
+const allMarketsBreaker = createCircuitBreaker<GetConsumerPriceOverviewResponse[]>({
+  name: 'All Markets Overview',
+  cacheTtlMs: 30 * 60 * 1000,
+  persistCache: true,
+});
+
 export async function fetchAllMarketsOverview(): Promise<GetConsumerPriceOverviewResponse[]> {
-  return Promise.all(
-    SINGLE_MARKETS.map((m) => fetchConsumerPriceOverview(m.code, `essentials-${m.code}`)),
+  return allMarketsBreaker.execute(
+    () => Promise.all(
+      SINGLE_MARKETS.map((m) => fetchConsumerPriceOverview(m.code, `essentials-${m.code}`)),
+    ),
+    [],
   );
 }

src/services/population-exposure.ts

@@ -1,45 +1,58 @@
-import { createCircuitBreaker } from '@/utils';
-import { getRpcBaseUrl } from '@/services/rpc-client';
-import type { CountryPopulation, PopulationExposure } from '@/types';
-import { DisplacementServiceClient } from '@/generated/client/worldmonitor/displacement/v1/service_client';
-import type { GetPopulationExposureResponse } from '@/generated/client/worldmonitor/displacement/v1/service_client';
+import type { PopulationExposure } from '@/types';
 
-const client = new DisplacementServiceClient(getRpcBaseUrl(), { fetch: (...args) => globalThis.fetch(...args) });
+const PRIORITY_COUNTRIES: Record<string, { name: string; pop: number; area: number }> = {
+  UKR: { name: 'Ukraine', pop: 37000000, area: 603550 },
+  RUS: { name: 'Russia', pop: 144100000, area: 17098242 },
+  ISR: { name: 'Israel', pop: 9800000, area: 22072 },
+  PSE: { name: 'Palestine', pop: 5400000, area: 6020 },
+  SYR: { name: 'Syria', pop: 22100000, area: 185180 },
+  IRN: { name: 'Iran', pop: 88600000, area: 1648195 },
+  TWN: { name: 'Taiwan', pop: 23600000, area: 36193 },
+  ETH: { name: 'Ethiopia', pop: 126500000, area: 1104300 },
+  SDN: { name: 'Sudan', pop: 48100000, area: 1861484 },
+  SSD: { name: 'South Sudan', pop: 11400000, area: 619745 },
+  SOM: { name: 'Somalia', pop: 18100000, area: 637657 },
+  YEM: { name: 'Yemen', pop: 34400000, area: 527968 },
+  AFG: { name: 'Afghanistan', pop: 42200000, area: 652230 },
+  PAK: { name: 'Pakistan', pop: 240500000, area: 881913 },
+  IND: { name: 'India', pop: 1428600000, area: 3287263 },
+  MMR: { name: 'Myanmar', pop: 54200000, area: 676578 },
+  COD: { name: 'DR Congo', pop: 102300000, area: 2344858 },
+  NGA: { name: 'Nigeria', pop: 223800000, area: 923768 },
+  MLI: { name: 'Mali', pop: 22600000, area: 1240192 },
+  BFA: { name: 'Burkina Faso', pop: 22700000, area: 274200 },
+};
 
-const countriesBreaker = createCircuitBreaker<GetPopulationExposureResponse>({ name: 'WorldPop Countries', cacheTtlMs: 30 * 60 * 1000, persistCache: true });
+const EXPOSURE_CENTROIDS: Record<string, [number, number]> = {
+  UKR: [48.4, 31.2], RUS: [61.5, 105.3], ISR: [31.0, 34.8], PSE: [31.9, 35.2],
+  SYR: [35.0, 38.0], IRN: [32.4, 53.7], TWN: [23.7, 121.0], ETH: [9.1, 40.5],
+  SDN: [15.5, 32.5], SSD: [6.9, 31.3], SOM: [5.2, 46.2], YEM: [15.6, 48.5],
+  AFG: [33.9, 67.7], PAK: [30.4, 69.3], IND: [20.6, 79.0], MMR: [19.8, 96.7],
+  COD: [-4.0, 21.8], NGA: [9.1, 7.5], MLI: [17.6, -4.0], BFA: [12.3, -1.6],
+};
 
-const exposureBreaker = createCircuitBreaker<ExposureResponse | null>({
-  name: 'PopExposure',
-  cacheTtlMs: 6 * 60 * 60 * 1000,
-  persistCache: true,
-  maxCacheEntries: 256,
-});
+function computeExposure(lat: number, lon: number, radiusKm: number) {
+  let bestMatch: string | null = null;
+  let bestDist = Infinity;
 
-export async function fetchCountryPopulations(): Promise<CountryPopulation[]> {
-  const result = await countriesBreaker.execute(async () => {
-    return client.getPopulationExposure({ mode: 'countries', lat: 0, lon: 0, radius: 0 });
-  }, { success: false, countries: [] });
-
-  return result.countries;
-}
+  for (const [code, [cLat, cLon]] of Object.entries(EXPOSURE_CENTROIDS)) {
+    const dist = Math.sqrt((lat - cLat) ** 2 + (lon - cLon) ** 2);
+    if (dist < bestDist) {
+      bestDist = dist;
+      bestMatch = code;
+    }
+  }
 
-interface ExposureResponse {
-  exposedPopulation: number;
-  exposureRadiusKm: number;
-  nearestCountry: string;
-  densityPerKm2: number;
-}
+  const info = bestMatch ? PRIORITY_COUNTRIES[bestMatch]! : { pop: 50_000_000, area: 500_000 };
+  const density = info.pop / info.area;
+  const areaKm2 = Math.PI * radiusKm * radiusKm;
 
-export async function fetchExposure(lat: number, lon: number, radiusKm: number): Promise<ExposureResponse | null> {
-  const cacheKey = `${lat.toFixed(1)},${lon.toFixed(1)},${radiusKm}`;
-  return exposureBreaker.execute(
-    async () => {
-      const result = await client.getPopulationExposure({ mode: 'exposure', lat, lon, radius: radiusKm });
-      return result.exposure ?? null;
-    },
-    null,
-    { cacheKey },
-  );
+  return {
+    exposedPopulation: Math.round(density * areaKm2),
+    exposureRadiusKm: radiusKm,
+    nearestCountry: bestMatch || '',
+    densityPerKm2: Math.round(density),
+  };
 }
 
 interface EventForExposure {
@@ -70,37 +83,24 @@ function getRadiusForEventType(type: string): number {
   }
 }
 
-export async function enrichEventsWithExposure(
+export function enrichEventsWithExposure(
   events: EventForExposure[],
-): Promise<PopulationExposure[]> {
-  const MAX_CONCURRENT = 10;
-  const results: PopulationExposure[] = [];
-
-  for (let i = 0; i < events.length; i += MAX_CONCURRENT) {
-    const batch = events.slice(i, i + MAX_CONCURRENT);
-    const batchResults = await Promise.allSettled(
-      batch.map(async (event) => {
-        const radius = getRadiusForEventType(event.type);
-        const exposure = await fetchExposure(event.lat, event.lon, radius);
-        if (!exposure) return null;
-        return {
-          eventId: event.id,
-          eventName: event.name,
-          eventType: event.type,
-          lat: event.lat,
-          lon: event.lon,
-          exposedPopulation: exposure.exposedPopulation,
-          exposureRadiusKm: radius,
-        } as PopulationExposure;
-      })
-    );
-
-    for (const r of batchResults) {
-      if (r.status === 'fulfilled' && r.value) results.push(r.value);
-    }
-  }
-
-  return results.sort((a, b) => b.exposedPopulation - a.exposedPopulation);
+): PopulationExposure[] {
+  return events
+    .map((event) => {
+      const radius = getRadiusForEventType(event.type);
+      const exposure = computeExposure(event.lat, event.lon, radius);
+      return {
+        eventId: event.id,
+        eventName: event.name,
+        eventType: event.type,
+        lat: event.lat,
+        lon: event.lon,
+        exposedPopulation: exposure.exposedPopulation,
+        exposureRadiusKm: radius,
+      } as PopulationExposure;
+    })
+    .sort((a, b) => b.exposedPopulation - a.exposedPopulation);
 }
 
 export function formatPopulation(n: number): string {

src/shared/premium-paths.ts

@@ -10,6 +10,7 @@ export const PREMIUM_RPC_PATHS = new Set<string>([
   '/api/market/v1/backtest-stock',
   '/api/market/v1/list-stored-stock-backtests',
   '/api/intelligence/v1/deduct-situation',
+  '/api/intelligence/v1/list-market-implications',
   '/api/resilience/v1/get-resilience-score',
   '/api/resilience/v1/get-resilience-ranking',
 ]);

tests/gateway-cdn-origin-policy.test.mts

@@ -109,6 +109,6 @@ describe('gateway CDN origin policy', () => {
     assert.equal(withKey.status, 200);
     assert.equal(withKey.headers.get('Access-Control-Allow-Origin'), 'https://worldmonitor.app');
     assert.equal(withKey.headers.get('Vary'), 'Origin');
-    assert.match(withKey.headers.get('CDN-Cache-Control') ?? '', /s-maxage=/);
+    assert.equal(withKey.headers.get('CDN-Cache-Control'), null, 'premium endpoints must NOT have CDN caching');
   });
 });

tests/route-cache-tier.test.mjs

@@ -85,10 +85,13 @@ describe('RPC_CACHE_TIER route parity', () => {
     );
   });
 
-  it('slow-browser tier includes max-age, slow tier does not', () => {
+  it('slow tier includes public s-maxage for CF edge caching, slow-browser does not', () => {
     const gatewaySrc = readFileSync(join(root, 'server', 'gateway.ts'), 'utf-8');
-    assert.match(gatewaySrc, /slow-browser.*max-age/s, 'slow-browser tier must include max-age');
-    const slowLine = gatewaySrc.match(/^\s+slow: 'public.*'/m)?.[0] ?? '';
-    assert.ok(!slowLine.includes('max-age'), 'slow tier must NOT include max-age');
+    const slowLine = gatewaySrc.match(/^\s+slow: '.*'/m)?.[0] ?? '';
+    assert.ok(slowLine.includes('public'), 'slow tier must include public for CF caching');
+    assert.ok(slowLine.includes('s-maxage'), 'slow tier must include s-maxage for CF edge TTL');
+    const slowBrowserLine = gatewaySrc.match(/^\s+'slow-browser': '.*'/m)?.[0] ?? '';
+    assert.ok(!slowBrowserLine.includes('public'), 'slow-browser tier must NOT include public');
+    assert.ok(!slowBrowserLine.includes('s-maxage'), 'slow-browser tier must NOT include s-maxage');
   });
 });

tests/supply-chain-v2.test.mjs

@@ -342,8 +342,8 @@ describe('Gateway daily cache tier', () => {
     assert.match(src, /\/api\/supply-chain\/v1\/get-chokepoint-status':\s*'medium'/);
   });
 
-  it('shipping rates route still uses static tier', () => {
-    assert.match(src, /\/api\/supply-chain\/v1\/get-shipping-rates':\s*'static'/);
+  it('shipping rates route uses daily tier (24h seed interval)', () => {
+    assert.match(src, /\/api\/supply-chain\/v1\/get-shipping-rates':\s*'daily'/);
   });
 });