internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
e5ff47bf14
commit
1dce408c72
|
@ -80,9 +80,12 @@ func (a *Application) forwardHandleNginx(rw http.ResponseWriter, r *http.Request
|
|||
a.log.Trace("path can be accessed without authentication")
|
||||
return
|
||||
}
|
||||
if strings.HasPrefix(a.getTraefikForwardUrl(r).Path, "/akprox") {
|
||||
fwu := a.getTraefikForwardUrl(r)
|
||||
if fwu.String() != r.URL.String() {
|
||||
if strings.HasPrefix(fwu.Path, "/akprox") {
|
||||
a.log.WithField("url", r.URL.String()).Trace("path begins with /akprox, allowing access")
|
||||
return
|
||||
}
|
||||
}
|
||||
http.Error(rw, "unauthorized request", http.StatusUnauthorized)
|
||||
}
|
||||
|
|
Reference in New Issue