mirror of
https://github.com/tailscale/tailscale.git
synced 2025-12-01 09:32:08 +00:00
db800ddeac
It's a basic "deny everything" policy, since DERP's HTTP server is very uninteresting from a browser POV. But it stops every security scanner under the sun from reporting "dangerously configured" HTTP servers. Updates tailscale/corp#3119 Signed-off-by: David Anderson <danderson@tailscale.com>