refactor: clean up comments and improve readability in nginx configuration

backend/nginx.conf

@@ -13,9 +13,8 @@ http {
 
     client_max_body_size 100M;
 
-    # The backend is running in the same container, so reference localhost
     upstream django {
-        server 127.0.0.1:8000;  # Use localhost to point to Gunicorn running internally
+        server 127.0.0.1:8000;
     }
 
     server {
@@ -23,7 +22,7 @@ http {
         server_name localhost;
 
         location / {
-            proxy_pass http://django;  # Forward to the upstream block
+            proxy_pass http://django;
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -31,26 +30,26 @@ http {
         }
 
         location /static/ {
-            alias /code/staticfiles/;  # Serve static files directly
+            alias /code/staticfiles/;
         }
 
-        # Serve protected media files with X-Accel-Redirect
+        # Internal redirect path for protected media
         location /protectedMedia/ {
             internal;
             alias /code/media/;
             try_files $uri =404;
         }
 
-        # Separate location for PDFs under /protectedMedia/
-        location ~* ^/protectedMedia/.*\.pdf$ {
+        # Special headers for PDF responses under /protectedMedia/
+        location ~ ^/protectedMedia/.*\.pdf$ {
             internal;
             alias /code/media/;
+            try_files $uri =404;
+
             add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
             add_header X-Content-Type-Options nosniff always;
             add_header X-Frame-Options SAMEORIGIN always;
             add_header Content-Disposition "inline" always;
         }
-
-
     }
 }