fix: trust x-forwarded dietro traefik via security.allowedDomains
This commit is contained in:
@@ -5,6 +5,11 @@ import sitemap from '@astrojs/sitemap';
|
||||
export default defineConfig({
|
||||
site: 'https://insanitylab.tielogic.xyz',
|
||||
output: 'server',
|
||||
// Dietro Traefik il TLS termina al proxy: senza allowedDomains Astro ignora
|
||||
// X-Forwarded-Proto/Host e il checkOrigin CSRF respinge i POST (403).
|
||||
security: {
|
||||
allowedDomains: [{ hostname: 'insanitylab.tielogic.xyz', protocol: 'https' }],
|
||||
},
|
||||
adapter: node({ mode: 'standalone' }),
|
||||
integrations: [sitemap({ filter: (page) => !page.includes('/admin') })],
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user