<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE"
    Header set Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With"
</IfModule>

# Force .crx files to download directly
<FilesMatch "\.crx$">
    <IfModule mod_headers.c>
        Header set Content-Disposition "attachment"
        Header set Content-Type "application/x-chrome-extension"
    </IfModule>
</FilesMatch>

# Proper MIME type for ZIP downloads
<FilesMatch "\.zip$">
    <IfModule mod_headers.c>
        Header set Content-Type "application/zip"
    </IfModule>
</FilesMatch>

# Disable MultiViews to prevent "Multiple Choices" error (e.g. handshake.html vs handshake.js)
Options -MultiViews

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    # Force HTTPS
    RewriteCond %{HTTPS} off 
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # API: All /api.php requests go to api.php
    RewriteRule ^api\.php$ api.php [QSA,L]

    # API Helpers: /api/... routes
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^api/(.*)$ api.php [QSA,L]

    # Static assets: Don't rewrite real files (JS, CSS, images)
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^ - [L]

    # Explicit Safety: Never rewrite these extensions (prevents MIME mismatch errors)
    RewriteRule \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|map)$ - [L]

    # Static assets: Don't rewrite directories
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]

    # Admin Panel Routing (PRIORITY: Must be before generic slug match)
    RewriteRule ^admin/?(.*)$ src/admin/index.html [QSA,L]

    # React SPA: Profile slugs route to handshake.html
    # Matches: /trey-adcox, /john-smith, /abc123, etc.
    RewriteRule ^([a-zA-Z0-9_-]+)$ src/handshake/handshake.html [QSA,L]

    # Fallback: Root goes to index.html (Landing Page)
    # The default behavior of DirectoryIndex index.html handles this, but for SPA routing:
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^ index.html [L]
</IfModule>
