The auth_request subrequest to /api/ping/ through the generic /api location block doesn't properly forward cookies to the Django backend, causing 403 for all /cache/ and /media/ requests. Use a dedicated internal /_auth location that explicitly proxies to /api/ping/ with Cookie header forwarding.
8.2 KiB
8.2 KiB