From 9d69935f22bb33d88f829ea3aa92a3b61e966eaa Mon Sep 17 00:00:00 2001
From: Sean Morley <98704938+seanmorley15@users.noreply.github.com>
Date: Thu, 29 May 2025 18:02:05 -0400
Subject: [PATCH] Update backend/nginx.conf

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 backend/nginx.conf | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/backend/nginx.conf b/backend/nginx.conf
index e63dcfe..18d410e 100644
--- a/backend/nginx.conf
+++ b/backend/nginx.conf
@@ -39,15 +39,15 @@ http {
             internal;
             alias /code/media/;
             try_files $uri =404;
+        }
 
-            # Nested location for PDFs
-            location ~* \.pdf$ {
-                add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
-                add_header X-Content-Type-Options nosniff always;
-                add_header X-Frame-Options SAMEORIGIN always;
-                add_header Content-Disposition "inline" always;
-    }
-}
+        # Separate location for PDFs under /protectedMedia/
+        location ~* ^/protectedMedia/.*\.pdf$ {
+            add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
+            add_header X-Content-Type-Options nosniff always;
+            add_header X-Frame-Options SAMEORIGIN always;
+            add_header Content-Disposition "inline" always;
+        }
 
 
     }