diff --git a/app.py b/app.py
index c3a0b557..63c01d3a 100644
--- a/app.py
+++ b/app.py
@@ -20,7 +20,7 @@ from config import app_config, Config
 from controllers.core import routes_core
 from controllers.legal import routes_legal
 from controllers.user import routes_user
-from extensions import db, csrf, cors, mail, oauth
+from extensions import db, csrf, mail, oauth
 from helpers.helper_app import Helper_App
 # external
 from flask import Flask, render_template, jsonify, request,  render_template_string, send_from_directory, redirect, url_for, session
@@ -81,12 +81,13 @@ def make_session_permanent():
     session.permanent = True
 
 csrf = CSRFProtect()
-"""
-cors = CORS()
-db = SQLAlchemy()
-mail = Mail()
-oauth = OAuth()
-"""
+cors = CORS(app, resources={
+    r"/static/*": {
+        "origins": [app.config["URL_HOST"]],
+        "methods": ["GET"],
+        "max_age": 3600
+    }
+})
 
 csrf.init_app(app)
 cors.init_app(app)
@@ -123,3 +124,16 @@ app.register_blueprint(routes_user)
 def console_log(value):
     Helper_App.console_log(value)
     return value
+<<<<<<< HEAD
+
+@app.after_request
+def add_cache_headers(response):
+    if request.path.startswith('/static/'):
+        # Cache static assets
+        response.headers['Cache-Control'] = 'public, max-age=31536000'
+    else:
+        # No caching for dynamic content
+        response.headers['Cache-Control'] = 'no-store, no-cache, must-revalidate, max-age=0'
+    return response
+=======
+>>>>>>> a5d77c11a435413c35315fe1c53b778a454279c8
diff --git a/config.py b/config.py
index 69ed087a..7c8bc070 100644
--- a/config.py
+++ b/config.py
@@ -40,7 +40,8 @@ class Config:
     # Auth0
     SESSION_COOKIE_SECURE = True
     SESSION_COOKIE_HTTPONLY = True
-    # SESSION_COOKIE_SAMESITE = 'Lax'
+    SESSION_COOKIE_SAMESITE = 'Strict'
+    REMEMBER_COOKIE_SECURE = True
     # PERMANENT_SESSION_LIFETIME = 3600
     WTF_CSRF_ENABLED = True
     # WTF_CSRF_CHECK_DEFAULT = False  # We'll check it manually for API routes
@@ -52,7 +53,7 @@ class Config:
     DOMAIN_AUTH0 = os.getenv('DOMAIN_AUTH0')
     ID_TOKEN_USER = 'user'
     # PostgreSQL
-    DB_NAME = os.getenv('partsltd')
+    DB_NAME = os.getenv('partsltd_prod')
     DB_USER = os.getenv('DB_USER')
     DB_PASSWORD = os.getenv('DB_PASSWORD')
     DB_HOST = os.getenv('DB_HOST')
diff --git a/extensions.py b/extensions.py
index eccf13e2..1c15f0cb 100644
--- a/extensions.py
+++ b/extensions.py
@@ -8,7 +8,7 @@ from authlib.integrations.flask_client import OAuth
 
 
 csrf = CSRFProtect()
-cors = CORS()
+# cors = CORS()
 db = SQLAlchemy()
 mail = Mail()
 oauth = OAuth()
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
deleted file mode 100644
index 4d551c78..00000000
--- a/requirements.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-
-Flask==3.0.3
-gunicorn==23.0.0
-flask_wtf
-flask_sqlalchemy
-flask_cors
-flask_mail
-authlib
-jwt
-mysqlclient
-stripe
-python_dotenv
-authlib
-pydantic
-# psycopg2
-requests
diff --git a/static/js/api.js b/static/js/api.js
index ece66adb..74857ebf 100644
--- a/static/js/api.js
+++ b/static/js/api.js
@@ -1,6 +1,5 @@
 import DOM from './dom.js';
 
-// Module for API calls
 export default class API {
     
     static getCsrfToken() {
@@ -151,7 +150,6 @@ export default class API {
 const api = new API();
 export default api;
 
-Example of using the API
 document.addEventListener('DOMContentLoaded', () => {
     initializeApp();
     setupEventListeners();
diff --git a/static/js/app.js b/static/js/app.js
index b42630f0..4215690d 100644
--- a/static/js/app.js
+++ b/static/js/app.js
@@ -1,8 +1,6 @@
 
-// Main entry point for the application
 'use strict';
 
-// import API from './api.js';
 import DOM from './dom.js';
 import Router from './router.js';
 
@@ -19,34 +17,24 @@ class App {
     }
 
     setupEventListeners() {
-        // Global event listeners
         // document.addEventListener('click', this.handleGlobalClick.bind(this));
-        // Add more global event listeners as needed
     }
 
     handleGlobalClick(event) {
-        // Handle global click events
     }
 
     start() {
-        // Additional startup logic
         this.initPageCurrent();
     }
 
     initPageCurrent() {
-        /*
-        _pageCurrent = Router.getPageCurrent();
-        _pageCurrent.initialize();
-        */
         this.router.loadPageCurrent();
     }
     
 }
 
-// Application instance
 const app = new App();
 
-// DOM ready handler
 function domReady(fn) {
     if (document.readyState !== 'loading') {
         fn();
@@ -55,13 +43,10 @@ function domReady(fn) {
     }
 }
 
-// Initialize and start the app when DOM is ready
 domReady(() => {
     app.initialize();
 });
 
-// Expose app to window for debugging (optional)
 window.app = app;
 
-// Export app if using modules
 export default app;
\ No newline at end of file
diff --git a/static/js/dom.js b/static/js/dom.js
index 15c78097..95948f69 100644
--- a/static/js/dom.js
+++ b/static/js/dom.js
@@ -1,7 +1,6 @@
 
 import Validation from "./lib/validation.js";
 
-// Module for DOM manipulation
 export default class DOM {
     static setElementAttributesValuesCurrentAndPrevious(element, data) {
         DOM.setElementAttributeValueCurrent(element, data);
diff --git a/static/js/router.js b/static/js/router.js
index ae01d0a0..93f7281f 100644
--- a/static/js/router.js
+++ b/static/js/router.js
@@ -12,30 +12,11 @@ import PageLicense from './pages/legal/license.js';
 // import PageUserLogout from './pages/user/logout.js';
 // import PageUserAccount from './pages/user/account.js';
 
-
-
 import API from './api.js';
 import DOM from './dom.js';
 import PagePrivacyPolicy from './pages/legal/privacy_policy.js';
 import PageRetentionSchedule from './pages/legal/retention_schedule.js';
 
-// Create a context for the pages
-// const pagesContext = require.context('./pages', true, /\.js$/);
-
-/*
-const pageModules = {
-    // Core
-    [hashPageHome]: () => import('./pages/core/home.js'),
-    [hashPageContact]: () => import('./pages/core/contact.js'),
-    [hashPageServices]: () => import('./pages/core/services.js'),
-    [hashPageAdminHome]: () => import('./pages/core/admin_home.js'),
-    // Legal
-    [hashPageAccessibilityStatement]: () => import('./pages/legal/accessibility_statement.js'),
-    [hashPageLicense]: () => import('./pages/legal/license.js'),
-    // User
-    // Add other pages here...
-};
-*/
 
 export default class Router {
     constructor() {
@@ -146,11 +127,8 @@ export default class Router {
     }
 }
 
-// Create and export a singleton instance
 export const router = new Router();
-// import this for navigation
 
-// Usage example (you can put this in your main.js or app.js)
 /*
 router.addRoute('/', () => {
     console.log('Home page');
@@ -162,7 +140,6 @@ router.addRoute('/about', () => {
     // Load about page content
 });
 
-// Example of how to use the router in other parts of your application
 export function setupNavigationEvents() {
     document.querySelectorAll('a[data-nav]').forEach(link => {
         link.addEventListener('click', (e) => {