Global Scripts Module — Storefront
Public read surface that returns the enabled global scripts for one document slot. The storefront layout calls this once per slot (HEAD, BODY_START, BODY_END) at render time and…
Public read surface that returns the enabled global scripts for one document slot. The storefront layout calls this once per slot (HEAD, BODY_START, BODY_END) at render time and injects each returned snippet verbatim. Authoring lives on the admin surface (see ../admin/global-script.md).
Source:
api-modules/global-script/src/controllers/store-global-script.controller.ts.Read-only and unauthenticated. Only enabled, non-deleted scripts for the requested slot are returned, already sorted in render order so the storefront can emit them directly.
Conventions
Authentication
| Endpoint group | Auth |
|---|---|
GET /store/global-scripts/position/:position | none (public) |
Response envelope
The response data is a plain array (not paginated) — the per-slot set is small and fixed, and the storefront needs the whole set to render the slot:
{
"data": [ /* GlobalScriptResponse[] */ ],
"message": "Success",
"statusCode": 200
}Error envelope
statusCode | errorCode examples |
|---|---|
| 400 | BAD_REQUEST (unknown position) |
| 500 | INTERNAL_SERVER_ERROR, DATABASE_ERROR |
Domain types
GlobalScriptResponse
Same shape as the admin surface (see ../admin/global-script.md). The storefront typically only reads content (and position); the rest is metadata.
type GlobalScriptPosition = "HEAD" | "BODY_START" | "BODY_END";
type GlobalScriptResponse = {
id: string;
title: string;
content: string; // raw HTML/JS, injected verbatim
position: GlobalScriptPosition;
priority: number;
isEnabled: boolean; // always true in this response
metadata: Record<string, unknown> | null;
createdAt: string; // ISO
updatedAt: string;
deletedAt: string | null; // always null in this response
};Endpoints
Base path: /store/global-scripts.
GET /store/global-scripts/position/:position — Enabled scripts for a slot
Returns enabled, non-deleted scripts for the requested slot, sorted by priority ascending then createdAt ascending — i.e. already in the order the storefront should emit them.
Path params
| Name | Type | Notes |
|---|---|---|
position | enum | One of HEAD / BODY_START / BODY_END (case-sensitive) |
Response 200 — GlobalScriptResponse[] (array, may be empty).
Errors
| Status | Code | When |
|---|---|---|
| 400 | BAD_REQUEST | position is not one of the three valid slot values |
Related modules
- Admin global-scripts — owns authoring, priority, enable/disable, and soft-delete. See
../admin/global-script.md.
Frequently Bought Together Module — Storefront
Public, anonymous storefront surface for Frequently-Bought-Together (FBT) recommendations — the "Customers also bought" carousel on the product detail page (PDP) and the cart.…
Guest Checkout Module — Storefront
HTTP surface for guest (no-account) checkout — contact capture for an anonymous cart, a non-blocking "you already have an account" hint, and public order tracking after the order…