fix: allow Next.js RSC/Server Action requests through proxy

Simplified API route matching and added RSC/next-action header passthrough to prevent 'Failed to find Server Action' errors. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-18 16:39:03 +01:00
parent ebdac49f91
commit bc081c777b
1 changed files with 13 additions and 16 deletions
@@ -12,30 +12,27 @@ async function sha256(input: string): Promise<string> {
 export default async function proxy(request: NextRequest) {
  const { pathname } = request.nextUrl

-  // Allow: /zugang page, site-auth API, static assets, favicon
+  // Allow: /zugang page, site-auth API, static assets, favicon, Next.js internals
  if (
    pathname === '/zugang' ||
    pathname.startsWith('/api/site-auth') ||
    pathname.startsWith('/_next') ||
    pathname === '/favicon.ico' ||
-    pathname === '/icon.svg'
+    pathname === '/icon.svg' ||
+    pathname.startsWith('/icon')
  ) {
    return NextResponse.next()
  }

-  // Public API routes (no auth required)
-  if (
-    pathname.startsWith('/api/contributions') ||
-    pathname.startsWith('/api/upload') ||
-    pathname.startsWith('/api/candles') ||
-    pathname.startsWith('/api/family-upload') ||
-    pathname.startsWith('/api/timeline') ||
-    pathname.startsWith('/api/recipes') ||
-    pathname.startsWith('/api/memories') ||
-    pathname.startsWith('/api/media') ||
-    pathname.startsWith('/api/files') ||
-    pathname.startsWith('/api/auth')
-  ) {
+  // Allow all API routes and Next.js internal action requests
+  if (pathname.startsWith('/api/')) {
+    return NextResponse.next()
+  }
+
+  // Allow Next.js RSC/Server Action requests (internal framework requests)
+  const nextAction = request.headers.get('next-action')
+  const rsc = request.headers.get('rsc')
+  if (nextAction || rsc) {
    return NextResponse.next()
  }