Ensure a trailing slash on subpath proxy

doc/FAQ.md

@@ -83,7 +83,7 @@ Now you can browse to `<port>.coder.com`. Note that this uses the host header so
 ensure your reverse proxy forwards that information if you are using one.
 
 ### Sub-paths
-Just browse to `/proxy/<port>`.
+Just browse to `/proxy/<port>/`.
 
 ## x86 releases?
 

src/node/app/proxy.ts

@@ -30,15 +30,24 @@ export class ProxyHttpProvider extends HttpProvider implements HttpProxyProvider
     request: http.IncomingMessage,
     response: http.ServerResponse,
   ): Promise<HttpResponse> {
+    const isRoot = !route.requestPath || route.requestPath === "/index.html"
     if (!this.authenticated(request)) {
       // Only redirect from the root. Other requests get an unauthorized error.
-      if (route.requestPath && route.requestPath !== "/index.html") {
+      if (isRoot) {
-        throw new HttpError("Unauthorized", HttpCode.Unauthorized)
-      }
         return { redirect: "/login", query: { to: route.fullPath } }
       }
+      throw new HttpError("Unauthorized", HttpCode.Unauthorized)
+    }
 
-    const payload = this.doProxy(route.requestPath, request, response, route.base.replace(/^\//, ""))
+    // Ensure there is a trailing slash so relative paths work correctly.
+    const base = route.base.replace(/^\//, "")
+    if (isRoot && !route.originalPath.endsWith("/")) {
+      return {
+        redirect: `/proxy/${base}/`,
+      }
+    }
+
+    const payload = this.doProxy(route.requestPath, request, response, base)
     if (payload) {
       return payload
     }