Media URL generator, SSL offloading and CSPs
# help-with-umbraco
a
Dear Umbraco gurus, 😉

I've been looking for a solution to a problem regarding generating URLs for images in a specific situation. I have Umbraco running inside a Docker container with an nginx server on Ubuntu. Nginx is set up to offload SSL to improve performance on the Kestrel side. In my AppSettings, Umbraco.CMS.Global.UseHttps is set to false.

When I browse my media library, images cannot be displayed in Firefox on Mac due to the image URLs that are generated. The URLs are generated with the http scheme, which is to be expected since we are not running on https. The issue is that Firefox is blocking the requests due to CSP violations (see attachment 1). I have tried to set a CSP via middleware but ended up with 2 CSPs, of which the most limiting CSP will be used by the browser (see attachment 2).

Any idea on how to fix this? I would like Umbraco to always render the 'https' scheme for the links it generates for all media and content in load-balanced / proxied environments.

Update: An additional fact is that when I view the details of the image, the image is rendered since it uses a relative URL. This means that the image is accessible.

Best regards,
Arie

https://cdn.discordapp.com/attachments/1297930835055480893/1297930835265192018/image.png?ex=6717b7c9&is=67166649&hm=5b2a213ce4a6fc66b750aef4085c17b167caa01a6ac7947b6742e38cc4f75105&
https://cdn.discordapp.com/attachments/1297930835055480893/1297930835571507251/image.png?ex=6717b7c9&is=67166649&hm=9ec674bf406173d014505a03d542e4145d58aa059f0a4967ccb3d4f6a0f9a5af&
d
If you have a proxy or cdn between your client and server, you should use forwarded headers middleware. That way, your application can respond as if the proxy or cdn doesn't exist.
a
Thanks for the hint. The code below is in my Program.cs:

```csharp
// At the top of Program.cs:
using Microsoft.AspNetCore.HttpOverrides;

// Apply the client IP and original scheme reported by the reverse proxy.
var forwardedHeaderOptions = new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
};
app.UseForwardedHeaders(forwardedHeaderOptions);
```

Nginx:

```nginx
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Scheme https;
```

I might be missing something here, just can't figure it out....
... I was soo close... "systemctl restart nginx" 🤯
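The setup discussed in this thread, as an added example that is not code from any of the posters or from Umbraco: a minimal ASP.NET Core `Program.cs` that accepts `X-Forwarded-*` headers only from the reverse proxy and exposes a diagnostic route to confirm which scheme the application sees. The proxy address `172.18.0.2` and the route `/debug/scheme` are constructed placeholders.

```csharp
using System.Net;
using Microsoft.AspNetCore.HttpOverrides;

var builder = WebApplication.CreateBuilder(args);

builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
    options.ForwardedHeaders =
        ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;

    // By default only loopback senders are trusted; X-Forwarded-* headers
    // from any other address are ignored. When nginx runs on another host
    // or in another container, list its address explicitly rather than
    // trusting every sender.
    options.KnownProxies.Add(IPAddress.Parse("172.18.0.2")); // constructed placeholder

    // Process only the entry appended by the nearest proxy, so values a
    // client put into the header itself are never applied.
    options.ForwardLimit = 1;
});

var app = builder.Build();

// Must run before any middleware that reads Request.Scheme or builds
// absolute URLs, otherwise links are still generated with http.
app.UseForwardedHeaders();

// Diagnostic route (hypothetical name): shows what the application believes
// after the middleware has run. Remove it once the setup is verified.
app.MapGet("/debug/scheme", (HttpContext ctx) => new
{
    ctx.Request.Scheme,
    ctx.Request.IsHttps,
    RemoteIp = ctx.Connection.RemoteIpAddress?.ToString()
});

app.Run();
```

Requested through nginx over HTTPS, the route should report `Scheme` as `https`; if it reports `http`, either the header is not arriving (for example because nginx has not reloaded its configuration) or the sender is not in the trusted list.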