AUTH-2173: Prepends access login url with scheme if one doesnt exist

2026-06-05 00:50:24 +08:00 · 2019-10-22 10:41:44 -05:00
parent 7133eceb9b
commit ad9559c66a
4 changed files with 40 additions and 4 deletions
--- a/cmd/cloudflared/access/cmd.go
+++ b/cmd/cloudflared/access/cmd.go
@@ -191,7 +191,8 @@ func login(c *cli.Context) error {
 	raven.SetDSN(sentryDSN)
 	logger := log.CreateLogger()
 	args := c.Args()
-	appURL, err := url.Parse(args.First())
+	rawURL := ensureURLScheme(args.First())
+	appURL, err := url.Parse(rawURL)
 	if args.Len() < 1 || err != nil {
 		logger.Errorf("Please provide the url of the Access application\n")
 		return err
@@ -211,6 +212,16 @@ func login(c *cli.Context) error {
 	return nil
 }

+// ensureURLScheme prepends a URL with https:// if it doesnt have a scheme. http:// URLs will not be converted.
+func ensureURLScheme(url string) string {
+	url = strings.Replace(strings.ToLower(url), "http://", "https://", 1)
+	if !strings.HasPrefix(url, "https://") {
+		url = fmt.Sprintf("https://%s", url)
+
+	}
+	return url
+}
+
 // curl provides a wrapper around curl, passing Access JWT along in request
 func curl(c *cli.Context) error {
 	raven.SetDSN(sentryDSN)
@@ -294,7 +305,7 @@ func sshGen(c *cli.Context) error {
 		return cli.ShowCommandHelp(c, "ssh-gen")
 	}

-	originURL, err := url.Parse("https://" + hostname)
+	originURL, err := url.Parse(ensureURLScheme(hostname))
 	if err != nil {
 		return err
 	}