|
|
@ -25,17 +25,18 @@ server { |
|
|
proxy_cookie_domain ~(?P<domain>(justice.gov.bc.ca))$ "$domain; Secure"; |
|
|
proxy_cookie_domain ~(?P<domain>(justice.gov.bc.ca))$ "$domain; Secure"; |
|
|
|
|
|
|
|
|
# remove directories from incoming requests; |
|
|
# remove directories from incoming requests; |
|
|
rewrite ^/divorce-dev$ / last; |
|
|
|
|
|
rewrite ^/divorce-test$ / last; |
|
|
|
|
|
rewrite ^/divorce$ / last; |
|
|
rewrite ^/divorce$ / last; |
|
|
|
|
|
|
|
|
rewrite ^/divorce-dev(.*)$ $1 last; |
|
|
|
|
|
rewrite ^/divorce-test(.*)$ $1 last; |
|
|
|
|
|
rewrite ^/divorce(.*)$ $1 last; |
|
|
rewrite ^/divorce(.*)$ $1 last; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
# block all external access to the anonymous Redis image handler used for image to PDF conversion in Weasyprint |
|
|
|
|
|
# e.g. /divorce/api/documents/a8eeb280-f063-47d4-ab01-919319d61866_smtp_png/0/ |
|
|
|
|
|
location ~* ^/divorce\/api\/documents\/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_\w+\/\d+\/$ { |
|
|
|
|
|
return 403; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
# static (no rewrite and add caching) |
|
|
# static (no rewrite and add caching) |
|
|
location ~ /(divorce|divorce\-test|divorce\-dev)/static/ { |
|
|
|
|
|
|
|
|
location /divorce/static/ { |
|
|
|
|
|
|
|
|
expires 365d; |
|
|
expires 365d; |
|
|
add_header Cache-Control "public"; |
|
|
add_header Cache-Control "public"; |
|
|
|
Michael Olund
5 years ago