mirror of https://github.com/xwiki-labs/cryptpad
proxy requests for blocks to the API server
This commit is contained in:
parent
5cd306a18a
commit
c27ff40db1
|
@ -217,7 +217,7 @@ server {
|
|||
}
|
||||
|
||||
# encrypted blobs are immutable and are thus cached for a year
|
||||
location ^~ /blob/ {
|
||||
location ~ ^/(blob|block)/.*$ {
|
||||
if ($request_method = 'OPTIONS') {
|
||||
add_header 'Access-Control-Allow-Origin' "${allowed_origins}";
|
||||
add_header 'Access-Control-Allow-Credentials' true;
|
||||
|
@ -238,23 +238,6 @@ server {
|
|||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# the "block-store" serves encrypted payloads containing users' drive keys
|
||||
# these payloads are unlocked via login credentials. They are mutable
|
||||
# and are thus never cached. They're small enough that it doesn't matter, in any case.
|
||||
location ^~ /block/ {
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header Cache-Control max-age=0;
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# This block provides an alternative means of loading content
|
||||
# otherwise only served via websocket. This is solely for debugging purposes,
|
||||
# and is thus not allowed by default.
|
||||
#location ^~ /datastore/ {
|
||||
#add_header Cache-Control max-age=0;
|
||||
#try_files $uri =404;
|
||||
#}
|
||||
|
||||
# The nodejs server has some built-in forwarding rules to prevent
|
||||
# URLs like /pad from resulting in a 404. This simply adds a trailing slash
|
||||
# to a variety of applications.
|
||||
|
|
Loading…
Reference in New Issue