From 91d0fcd023a1dbac3e8752d5ce7896d196394e14 Mon Sep 17 00:00:00 2001 From: Hyungi Ahn Date: Fri, 24 Apr 2026 07:29:45 +0900 Subject: [PATCH] =?UTF-8?q?fix(ui):=20document-caddy=20trusted=5Fproxies?= =?UTF-8?q?=20=EC=84=A4=EC=A0=95=20(mixed-content=20=ED=95=B4=EC=86=8C)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit document-caddy 가 home-caddy 로부터 받은 X-Forwarded-Proto: https 를 신뢰하지 않고 incoming scheme (http) 로 덮어써 FastAPI 가 받은 proto 가 http 로 인식 → /api/documents 307 Location 헤더가 http:// 로 나가 HTTPS 페이지에서 mixed-content block. private_ranges 를 trusted_proxies 로 설정해 docker bridge 내부의 home-caddy 가 전달한 X-Forwarded-* 를 보존. Co-Authored-By: Claude Opus 4.7 (1M context) --- Caddyfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Caddyfile b/Caddyfile index 535aadf..89b32cf 100644 --- a/Caddyfile +++ b/Caddyfile @@ -1,5 +1,11 @@ { auto_https off + # home-caddy (docker bridge 사설망) 가 TLS 를 종단하고 X-Forwarded-Proto: https + # 를 전달. trusted_proxies 없으면 Caddy 가 incoming scheme (http) 로 덮어써 + # FastAPI 307 redirect 의 Location 헤더가 http:// 로 나가 mixed-content block. + servers { + trusted_proxies static private_ranges + } } http://document.hyungi.net {