Lars/shinkan-jinkendo
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 3 Wiki Activity

feat(nginx): add media location handling with Content-Security-Policy
All checks were successful
Deploy Development / deploy (push) Successful in 36s
Details
Test Suite / pytest-backend (push) Successful in 24s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 7s
Details
Test Suite / playwright-tests (push) Successful in 23s
Details
Test Suite / pytest-backend (pull_request) Successful in 24s
Details
Test Suite / lint-backend (pull_request) Successful in 0s
Details
Test Suite / build-frontend (pull_request) Successful in 6s
Details
Test Suite / playwright-tests (pull_request) Successful in 22s
Details

Browse Source 
- Implemented specific location blocks for `/media` and `/media/` to serve the React media library correctly.
- Added Content-Security-Policy headers to enhance security for media resources.
- Ensured proper handling of requests to prevent 404 errors on media reloads.
This commit is contained in:
Lars 2026-05-08 11:15:19 +02:00
parent b6de1f15ea
commit f745e5d082
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
frontend/nginx.conf
View File

@ -17,6 +17,17 @@ server {
# bei multipart ggf. Summe mehrerer Dateien sein (Backend praxis: bis 1024 MB Admin).
client_max_body_size 1024m;
# Medienbibliothek (React /media) vor location ^~ /media/: sonst liefert ein Reload
# auf /media/ den FastAPI StaticFiles-Mount unter /media und der Browser zeigt {"detail":"Not Found"}.
location = /media {
add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self'; media-src 'self' blob: data:; worker-src 'self' blob:; manifest-src 'self';" always;
try_files /index.html =404;
}
location = /media/ {
add_header Content-Security-Policy "default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self'; media-src 'self' blob: data:; worker-src 'self' blob:; manifest-src 'self';" always;
try_files /index.html =404;
}
location ^~ /api/ {
set $docker_backend_svc backend;
proxy_pass http://$docker_backend_svc:8000$request_uri;