From 9cf9e851e7f45f16c8fe0784685f5d07c5ebad83 Mon Sep 17 00:00:00 2001
From: OG T <ogt@WOOOMacMiniM4.local>
Date: Fri, 3 Apr 2026 12:48:36 +0800
Subject: [PATCH] =?UTF-8?q?fix(api):=20=E4=BF=AE=E6=AD=A3=20Nginx=20?=
 =?UTF-8?q?=E5=8F=8D=E5=90=91=E4=BB=A3=E7=90=86=20307=20redirect=20http://?=
 =?UTF-8?q?=20Location=20=E5=95=8F=E9=A1=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

加入 ProxyHeadersMiddleware，讓 FastAPI 信任 X-Forwarded-Proto header。
解決知識庫頁面無法載入內容的問題 (HTTPS→HTTP mixed content block)。

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 apps/api/src/main.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/apps/api/src/main.py b/apps/api/src/main.py
index e4225961..c806f682 100644
--- a/apps/api/src/main.py
+++ b/apps/api/src/main.py
@@ -287,6 +287,13 @@ else:
 # Middleware
 # =============================================================================
 
+# 2026-04-03 ogt: Nginx 反向代理修正 — 讓 FastAPI 信任 X-Forwarded-Proto
+# 解決問題: /api/v1/knowledge (無結尾斜線) 307 redirect 產生 http:// Location
+# 原因: FastAPI 不知道自己在 HTTPS 後面，redirect 回 http://
+# 效果: 有了此中間件，307 Location 會是 https://
+from uvicorn.middleware.proxy_headers import ProxyHeadersMiddleware
+app.add_middleware(ProxyHeadersMiddleware, trusted_hosts="*")
+
 # CORS - Strict Whitelist (Iron Law #2)
 # NO wildcards, NO UAT
 app.add_middleware(