From 237eb640114912d2d1a79c82f46b929f39053e37 Mon Sep 17 00:00:00 2001
From: Josh Hawkins <32435876+hawkeye217@users.noreply.github.com>
Date: Wed, 20 May 2026 07:05:48 -0500
Subject: [PATCH] fix admin response cache leak to non-admin users via nginx
 proxy_cache

---
 docker/main/rootfs/usr/local/nginx/conf/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker/main/rootfs/usr/local/nginx/conf/nginx.conf b/docker/main/rootfs/usr/local/nginx/conf/nginx.conf
index d954bdcd52..d0b18ff805 100644
--- a/docker/main/rootfs/usr/local/nginx/conf/nginx.conf
+++ b/docker/main/rootfs/usr/local/nginx/conf/nginx.conf
@@ -252,6 +252,7 @@ http {
             include proxy.conf;
 
             proxy_cache api_cache;
+            proxy_cache_key "$scheme$proxy_host$request_uri|$role|$groups|$user";
             proxy_cache_lock on;
             proxy_cache_use_stale updating;
             proxy_cache_valid 200 5s;