From 21e215cceaff2f6a0c8dd586e6936e10f23bbdbf Mon Sep 17 00:00:00 2001
From: Bobby DeSimone <bobbydesimone@gmail.com>
Date: Mon, 16 Sep 2019 20:34:04 -0700
Subject: [PATCH] proxy: handle double slash in paths

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
---
 cmd/pomerium/main.go   | 1 +
 docs/docs/CHANGELOG.md | 1 +
 proxy/handlers.go      | 4 +++-
 proxy/proxy.go         | 2 ++
 4 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/cmd/pomerium/main.go b/cmd/pomerium/main.go
index a7999c063..4364695df 100644
--- a/cmd/pomerium/main.go
+++ b/cmd/pomerium/main.go
@@ -118,6 +118,7 @@ func newProxyService(opt config.Options, r *mux.Router) (*proxy.Proxy, error) {
 
 func newGlobalRouter(o *config.Options) *mux.Router {
 	mux := httputil.NewRouter()
+	mux.SkipClean(true)
 	mux.Use(metrics.HTTPMetricsHandler(o.Services))
 	mux.Use(log.NewHandler(log.Logger))
 	mux.Use(log.AccessHandler(func(r *http.Request, status, size int, duration time.Duration) {
diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md
index 87644a4a9..e4bd88eb5 100644
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -14,6 +14,7 @@
 ### Fixed
 
 - Fixed an issue where CSRF would fail if multiple tabs were open. [GH-306](https://github.com/pomerium/pomerium/issues/306)
+- Fixed an issue where pomerium would clean double slashes from paths.[GH-262](https://github.com/pomerium/pomerium/issues/262)
 
 ### Changed
 
diff --git a/proxy/handlers.go b/proxy/handlers.go
index c7d4df5ec..f55992c70 100644
--- a/proxy/handlers.go
+++ b/proxy/handlers.go
@@ -20,7 +20,9 @@ import (
 
 // Handler returns the proxy service's ServeMux
 func (p *Proxy) Handler() http.Handler {
-	r := httputil.NewRouter().StrictSlash(true)
+	r := httputil.NewRouter()
+	r.SkipClean(true)
+	r.StrictSlash(true)
 	r.Use(middleware.ValidateHost(func(host string) bool {
 		_, ok := p.routeConfigs[host]
 		return ok
diff --git a/proxy/proxy.go b/proxy/proxy.go
index db618b787..fae786f5f 100755
--- a/proxy/proxy.go
+++ b/proxy/proxy.go
@@ -247,6 +247,8 @@ func NewReverseProxy(to *url.URL) *httputil.ReverseProxy {
 // each route has a custom set of middleware applied to the reverse proxy
 func (p *Proxy) newReverseProxyHandler(rp http.Handler, route *config.Policy) (http.Handler, error) {
 	r := pom_httputil.NewRouter()
+	r.SkipClean(true)
+	r.StrictSlash(true)
 	r.Use(middleware.StripPomeriumCookie(p.cookieName))
 	// if signing key is set, add signer to middleware
 	if len(p.signingKey) != 0 {