Logout does not work behind reverse proxy

[code-asher]

Updated by @jsjoeio

What's the problem I'm solving?

With the latest changes to use the upstream server in code-server, we're now running into issues with our reverse proxy not using the correct URL for the Log out functionality.. The specific code we're talking about lives here.

When using a reverse proxy (i.e. Caddy/NGINX), the /logout endpoint is incorrect because it has the wrong base path and protocol.

What are some ways to go about it?

The most ideal way to solve this is to use relative endpoints. This way, code-server doesn't care about the base path or protocol. It only knows and uses relative paths.

How will things change/what is the need for maintenance?

I am not sure if there is historical context I may be missing which would explain why we didn't use a relative path from the start (or rather why upstream didn't). Patching this in vscode means it's something we'll need to keep an eye on as we continue staying in line with upstream.

I can't imagine this introducing any breaking changes but it could potentially break in specific environments if they don't support using relative paths for some reason 🤔 (though none specifically come to mind).

How to reproduce

Asher outlined steps below to reproduce this issue locally. To do so, follow these steps:

1. install Caddy (brew install caddy)
2. start code-server locally with yarn watch
3. serve it at as base path like /code with Caddy

http://localhost:8082/code/* {
	uri strip_prefix /code
	reverse_proxy 127.0.0.1:8080
}

4. navigate to http://localhost:8082/code/ (trailing slash is important!)
5. Open the Menu and click Logout

Expected

You are redirected to http://mydomain.com/logout

Actual

You should be redirected to http://mydomain.com/code/logout

Should be similar to the fix for this issue. See PR here.

[jsjoeio]

I think this will be similar to #4476

[jsjoeio]

Issue

We realized after merging a fix there was an edge case. If you logout from a non-root path, it will not work.

How to reproduce

Asher outlined steps below to reproduce this issue locally. To do so, follow these steps:

1. start code-server with yarn watch
2. Navigate to a non-root path: http://localhost:8080/vscode
3. Open the Menu and click Logout

Expected

You should be logged out and redirected to /vscode/login.

Actual

You are redirected to the root at http://localhost:8080 and not logged out.

Video

Screen.Recording.2021-12-07.at.2.29.10.PM.mov

Additional resources

The issue is that the base path gets set to window.location.pathname
see here: https://github.com/cdr/vscode/blob/5e0c6f3b95ed032e62c49101ae502a46c62ef202/src/vs/workbench/browser/client.ts#L194
This will be a problem with all relative paths btw
Which is why I have a function for constructing the relative base

See comment

[jsjoeio]

It appears to be working as expected - you are indeed brought to the right login page and you cannot access the editor

Screen.Recording.2021-12-07.at.1.14.25.PM.mov

@code-asher - I think we can close this then unless you want to try reproducing

[jsjoeio]

Update: we were missing a step in the reproduction. You need to logout from a non-root path. I will update the comment above.