From a955f52904def825c2b524d266dacb076c99e321 Mon Sep 17 00:00:00 2001
From: Alex Vandiver <alexmv@zulip.com>
Date: Wed, 11 Jan 2023 15:44:38 +0000
Subject: [PATCH] uploads: Stop putting API headers on local-file upload
 responses.

These only need the usual response headers, not the
Access-Control-Origin headers that API endpoints need.
---
 .../files/nginx/zulip-include-frontend/uploads-internal.conf    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/puppet/zulip/files/nginx/zulip-include-frontend/uploads-internal.conf b/puppet/zulip/files/nginx/zulip-include-frontend/uploads-internal.conf
index 6166654468..5e56963894 100644
--- a/puppet/zulip/files/nginx/zulip-include-frontend/uploads-internal.conf
+++ b/puppet/zulip/files/nginx/zulip-include-frontend/uploads-internal.conf
@@ -40,7 +40,7 @@ location ~ ^/internal/s3/([^/]+)/(.*) {
 # Internal file-serving
 location /internal/local/uploads {
     internal;
-    include /etc/nginx/zulip-include/api_headers;
+    include /etc/nginx/zulip-include/headers;
     add_header Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'; object-src 'self'; plugin-types application/pdf;";
     include /etc/nginx/zulip-include/uploads.types;
     alias /home/zulip/uploads/files;