Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-07-19 04:49:37 +02:00
Code Issues Releases Activity

fix: update location blocks for protected media in nginx configuration

Browse source
This commit is contained in:
Sean Morley 2025-06-01 12:47:08 -04:00
parent c159e176b3
commit f95afdc35c
1 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
backend/nginx.conf
View file

@ -30,10 +30,9 @@ http {
}
# Special handling for PDF files with CSP headers
location ~ ^/protectedMedia/.*\.pdf$ {
location ~ ^/protectedMedia/(.*)\.pdf$ {
internal;
alias /code/media/;
try_files $uri =404;
alias /code/media/$1.pdf;
add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options SAMEORIGIN always;
@ -41,10 +40,9 @@ http {
}
# General protected media files (non-PDF)
location /protectedMedia/ {
location ~ ^/protectedMedia/(.*)$ {
internal;
alias /code/media/;
try_files $uri =404;
alias /code/media/$1;
}
}
}