Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
In the DAE extension, if a tenant name begins with the name of a path in the extension such as
/login
andlogin-mytenant
, the extension will break.Reproduction
{tenant-name}.webtask.run
.login-test
.https://us.webtask.run/api/run/loginshawn/auth0-delegated-admin
)https://us.webtask.run/api/runshawn/auth0-delegated-admin
Questions
The
getBaseUrl(req, protocol)
andgetBasePath(originalUrl, path
) will remove the pathname out of the url. Why do we need to do this?Assumption: We only want to remove the path from the end of the url? I assume this because the regex uses a
$
to remove the last trailing slash.What can go wrong if I modify this code to only remove the path at the end of the original url?
Assumption: That assumption 1 is right and we do not have pathnames elsewhere in the url to remove.
Changes
/login
paths in this route, we will aim to replace these paths at the end of the url. This will prevent any/login*
path elsewhere to be removed, such as a tenant name begining withlogin
.References
https://auth0team.atlassian.net/browse/ESD-11958