outposts/proxy: cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

internal/outpost/proxyv2/application/mode_common.go

@@ -85,7 +85,7 @@ func (a *Application) IsAllowlisted(r *http.Request) bool {
 	// Since that would be /akprox/auth/...
 	if a.Mode() == api.PROXYMODE_FORWARD_SINGLE || a.Mode() == api.PROXYMODE_FORWARD_DOMAIN {
 		// For traefik, we can get the Upstream URL from headers
-		// For nginx we can attempt to as well, but it's not guranteed to work.
+		// For nginx we can attempt to as well, but it's not guaranteed to work.
 		if strings.HasPrefix(r.URL.Path, "/akprox/auth") {
 			url = a.getTraefikForwardUrl(r)
 		}

internal/outpost/proxyv2/application/mode_forward.go

@@ -48,12 +48,7 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque
 	// to the application
 	// see https://doc.traefik.io/traefik/middlewares/forwardauth/
 	// X-Forwarded-Uri is only the path, so we need to build the entire URL
-	s.Values[constants.SessionRedirect] = fmt.Sprintf(
-		"%s://%s%s",
-		r.Header.Get("X-Forwarded-Proto"),
-		r.Header.Get("X-Forwarded-Host"),
-		r.Header.Get("X-Forwarded-Uri"),
-	)
+	s.Values[constants.SessionRedirect] = a.getTraefikForwardUrl(r).String()
 	if r.Header.Get("X-Forwarded-Uri") == "/akprox/start" {
 		a.log.Info("Detected potential redirect loop")
 		if val, ok := s.Values[constants.SessionLoopDetection]; !ok {