c750186830
This change trims the mountPoint from the request URL path before sending the request to the reverse proxy. Today if you mount a proxy at `/foo` and request to `/foo/bar/baz`, we leak the `mountPoint` `/foo` as part of the request URL's path. This fix makes removed the `mountPoint` prefix from the path so proxied services receive requests as if they were running at the root (`/`) path. This could be an issue if the app generates URLs (in HTML or otherwise) and assumes `/path`. In this case, those URLs will 404. With that, I still think we should trim by default and not leak the `mountPoint` (specific to Tailscale) into whatever app is hosted. If it causes an issue with URL generation, I'd suggest looking at configuring an app-specific path prefix or running Caddy as a more advanced solution. Fixes: #6571 Signed-off-by: Shayne Sweeney <shayne@tailscale.com> |
||
|---|---|---|
| .. | ||
| testdata | ||
| c2n.go | ||
| cert.go | ||
| cert_js.go | ||
| cert_test.go | ||
| dnsconfig_test.go | ||
| expiry.go | ||
| expiry_test.go | ||
| local.go | ||
| local_test.go | ||
| loglines_test.go | ||
| network-lock.go | ||
| network-lock_test.go | ||
| peerapi.go | ||
| peerapi_h2c.go | ||
| peerapi_macios_ext.go | ||
| peerapi_test.go | ||
| profiles.go | ||
| profiles_test.go | ||
| serve.go | ||
| serve_test.go | ||
| ssh.go | ||
| ssh_stub.go | ||
| ssh_test.go | ||
| state_test.go | ||