Update Deps and Fix iFrame support

Cargo.toml

@@ -4,12 +4,12 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-axum = "0.7"
+axum = "0.8"
 tokio = { version = "1", features = ["full"] }
 tokio-util = { version = "0.7", features = ["io"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-dotenv = "0.15"
-tower-http = { version = "0.5", features = ["compression-full", "timeout", "trace"] }
+dotenvy = "0.15"
+tower-http = { version = "0.6", features = ["compression-full", "timeout", "trace"] }
 tracing = "0.1"
 tracing-subscriber = "0.3"

src/main.rs

@@ -62,7 +62,7 @@ async fn main() {
     tracing_subscriber::fmt::init();
 
     // Load environment configuration
-    dotenv::dotenv().ok();
+    dotenvy::dotenv().ok();
     let config = load_config();
 
     // Load media files configuration
@@ -77,7 +77,7 @@ async fn main() {
     let app = Router::new()
         .route("/", get(list_files))
         .route("/image.png", get(serve_image))
-        .route("/download/:file_id", get(download_file))
+        .route("/download/{file_id}", get(download_file))
         .route("/health", get(health_check))
         .layer(middleware::from_fn_with_state(
             state.clone(),
@@ -88,7 +88,7 @@ async fn main() {
             ip_whitelist_middleware,
         ))
         .layer(CompressionLayer::new())
-        .layer(TimeoutLayer::new(Duration::from_secs(config.request_timeout)))
+        .layer(TimeoutLayer::with_status_code(StatusCode::REQUEST_TIMEOUT, Duration::from_secs(config.request_timeout)))
         .layer(TraceLayer::new_for_http())
         .with_state(state);
 
@@ -197,7 +197,6 @@ async fn security_headers_middleware(
 
     // Basic security headers
     headers.insert("X-Content-Type-Options", "nosniff".parse().unwrap());
-    headers.insert("X-Frame-Options", "SAMEORIGIN".parse().unwrap());
     headers.insert("X-XSS-Protection", "1; mode=block".parse().unwrap());
     headers.insert("Referrer-Policy", "no-referrer".parse().unwrap());