Support secure same-origin API URLs
This commit is contained in:
20
README.md
20
README.md
@@ -160,6 +160,26 @@ If the browser shows a CORS error, make sure the exact frontend origin is in
|
||||
FRONTEND_ORIGINS=https://plasttrack.sable.ynsdev.site
|
||||
```
|
||||
|
||||
If the frontend is served over HTTPS, the WebSocket URL must use `wss://`, not
|
||||
`ws://`. Browsers block insecure WebSockets from secure pages. Recommended
|
||||
same-domain reverse proxy variables:
|
||||
|
||||
```env
|
||||
FRONTEND_ORIGIN=https://plasttrack.sable.ynsdev.site
|
||||
FRONTEND_ORIGINS=https://plasttrack.sable.ynsdev.site
|
||||
VITE_API_BASE_URL=https://plasttrack.sable.ynsdev.site
|
||||
VITE_WS_URL=wss://plasttrack.sable.ynsdev.site/ws/dashboard
|
||||
VITE_ALLOWED_HOSTS=plasttrack.sable.ynsdev.site,localhost,127.0.0.1
|
||||
```
|
||||
|
||||
The reverse proxy must route:
|
||||
|
||||
```text
|
||||
/api/* -> backend:8000
|
||||
/ws/dashboard -> backend:8000
|
||||
/* -> frontend:5173
|
||||
```
|
||||
|
||||
### 3. Deploy
|
||||
|
||||
Click `Deploy the stack`.
|
||||
|
||||
Reference in New Issue
Block a user