admin/Mdeical_Sur_Report
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

Document forwarded proto requirements for public HTTPS

Browse Source 
- Add Nginx Proxy Manager guidance for X-Forwarded-Proto when secure session cookies are enabled

- Document login Cookie troubleshooting for public HTTPS reverse proxy deployments

- Clarify nginx.conf forwarded-proto behavior for generic and appliance packages
This commit is contained in:
admin
2026-05-09 05:01:50 +08:00
parent ba14d00c4d
commit 8908ebbc4c
4 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/deployment.md
View File

@@ -133,6 +133,12 @@ Nginx Proxy Manager 代理 `your-domain.example` 时:
- 开启 `Websockets Support`,否则 `/api/speech/iat` 语音 WebSocket 会失败。
- 绑定 SSL 证书并开启 `Force SSL`,否则浏览器不会开放公网麦克风权限。
- Advanced 中建议设置 `client_max_body_size 100m;``proxy_read_timeout 3600s;``proxy_send_timeout 3600s;`
- `SESSION_COOKIE_SECURE=true` 时,后端还必须收到 `X-Forwarded-Proto: https`。如果登录接口返回 200 但响应头没有 `Set-Cookie`,或刷新后 `/api/auth/me` 返回 `401 未登录`,在 Advanced 中补充:
```nginx
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
```
`# XXX` 公网正式访问只映射 `4002` 即可;不要把 Docker 自签名 HTTPS 演示入口 `4443` 映射到公网域名。