mirror of
https://github.com/tailscale/tailscale.git
synced 2025-02-18 02:48:40 +00:00
db800ddeac
It's a basic "deny everything" policy, since DERP's HTTP server is very uninteresting from a browser POV. But it stops every security scanner under the sun from reporting "dangerously configured" HTTP servers. Updates tailscale/corp#3119 Signed-off-by: David Anderson <danderson@tailscale.com>