Support secure same-origin API URLs

This commit is contained in:
masterdev
2026-06-16 23:12:00 +01:00
parent e0cd6fae06
commit e083a22bff
2 changed files with 45 additions and 2 deletions

View File

@@ -160,6 +160,26 @@ If the browser shows a CORS error, make sure the exact frontend origin is in
FRONTEND_ORIGINS=https://plasttrack.sable.ynsdev.site
```
If the frontend is served over HTTPS, the WebSocket URL must use `wss://`, not
`ws://`. Browsers block insecure WebSockets from secure pages. Recommended
same-domain reverse proxy variables:
```env
FRONTEND_ORIGIN=https://plasttrack.sable.ynsdev.site
FRONTEND_ORIGINS=https://plasttrack.sable.ynsdev.site
VITE_API_BASE_URL=https://plasttrack.sable.ynsdev.site
VITE_WS_URL=wss://plasttrack.sable.ynsdev.site/ws/dashboard
VITE_ALLOWED_HOSTS=plasttrack.sable.ynsdev.site,localhost,127.0.0.1
```
The reverse proxy must route:
```text
/api/* -> backend:8000
/ws/dashboard -> backend:8000
/* -> frontend:5173
```
### 3. Deploy
Click `Deploy the stack`.