fix: add CloudFront Function JS file to git (excluded by *.js in .gitignore)

Author: konokenj

cdk/.gitignore

@@ -1,5 +1,6 @@
 *.js
 !jest.config.js
+!lib/constructs/cf-lambda-furl-service/cf-function/*.js
 *.d.ts
 node_modules
 

cdk/lib/constructs/cf-lambda-furl-service/cf-function/cache-key.js

@@ -0,0 +1,36 @@
+// CloudFront Functions JS 2.0
+// Combines Next.js RSC-related headers into a single hashed cache key header
+// to prevent cache poisoning between HTML and RSC flight responses.
+//
+// Next.js App Router sets Vary: rsc, next-router-state-tree, next-router-prefetch,
+// next-router-segment-prefetch (and next-url for interception routes).
+// CloudFront ignores Vary and requires explicit cache key configuration,
+// but its Cache Policy has a 10-header limit. This function hashes all
+// RSC headers into one header to stay within the limit.
+async function handler(event) {
+  var h = event.request.headers;
+  var parts = [
+    'rsc',
+    'next-router-prefetch',
+    'next-router-state-tree',
+    'next-router-segment-prefetch',
+    'next-url',
+  ];
+  var key = '';
+  for (var i = 0; i < parts.length; i++) {
+    if (h[parts[i]]) {
+      key += parts[i] + '=' + h[parts[i]].value + ';';
+    }
+  }
+  if (key) {
+    // FNV-1a hash. Cryptographic strength is unnecessary;
+    // we only need distinct cache keys for distinct header combinations.
+    var hash = 2166136261;
+    for (var j = 0; j < key.length; j++) {
+      hash ^= key.charCodeAt(j);
+      hash = (hash * 16777619) | 0;
+    }
+    event.request.headers['x-nextjs-cache-key'] = { value: String(hash >>> 0) };
+  }
+  return event.request;
+}