From 6e97c6623547b2af2f13a9c658abf3f10a577e9d Mon Sep 17 00:00:00 2001
From: Michael Stapelberg <michael@stapelberg.de>
Date: Sun, 20 Mar 2022 09:26:23 +0100
Subject: [PATCH] tls: revert unauthenticated access for localhost

This is not safe when using tailscale, which proxies traffic to localhost by
default. Thanks to joneskoo@ for the report!
---
 httpsredirect.go | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/httpsredirect.go b/httpsredirect.go
index bb521077..c3621c2f 100644
--- a/httpsredirect.go
+++ b/httpsredirect.go
@@ -1,19 +1,11 @@
 package gokrazy
 
 import (
-	"net"
 	"net/http"
 )
 
 func httpsRedirect(redirectPort string) func(w http.ResponseWriter, r *http.Request) {
 	return func(w http.ResponseWriter, r *http.Request) {
-		host, _, _ := net.SplitHostPort(r.RemoteAddr)
-		ip := net.ParseIP(host)
-		if ip.IsLoopback() {
-			http.DefaultServeMux.ServeHTTP(w, r)
-			return
-		}
-
 		r.URL.Host = r.Host
 		if redirectPort != "443" {
 			r.URL.Host += ":" + redirectPort