echoangle 2 hours ago
> When it's the default, it's not a matter of someone configuring nginx to do the wrong thing. It's nginx's defaulting to doing the wrong thing and requiring specific configuration to do the right thing.

This assumes that "the reverse proxy requests a different URL upstream from what it got as a request" is wrong. Who says that it is? And as I said, it doesn't seem to be the default. But I can also continue to defend it being the default, because I think even as a default it wouldn't be wrong.

EDIT: Actually it seems to be on by default: https://nginx.org/en/docs/http/ngx_http_core_module.html#mer...

> Yes it is. Prescriptions for how intermediate servers are or are not to munge data before passing it to the origin server is written directly into the HTTP RFCs. It's filled with references to them.

Which RFC forbids a reverse proxy from rewriting the request URL? If I have a legacy PHP app that expects values as query strings and I use a reverse proxy to map the URL path to those query strings, is that wrong too? Would it be wrong if my reverse proxy did that by default?
cxr 2 hours ago | parent
> This assumes that "the reverse proxy requests a different URL upstream from what it got as a request" is wrong. Who says that it is?

For this case (double/multiple slash "normalization"), the author of this post is saying that, and they're saying RFC 3986 says so, too.

> Which RFC forbids a reverse proxy from rewriting the request URL?

Ibid.

> If I have a legacy PHP app that expects values as query strings and I use a reverse proxy to map the URL path to those query strings, is that wrong too? Would it be wrong if my reverse proxy did that by default?

Clearly, it's not wrong if you selected and/or configured a software package specifically for the purpose of providing that functionality. And clearly it is wrong if it were to do that when not configured to do anything other than act as generic middleware, with that software's creator(s) operating under the assumption that it's safe to do so, all while arguing that it's standards-compliant.
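The disagreement above is about whether collapsing adjacent slashes before forwarding changes the meaning of a request. The following is an added example, not code from either commenter, from nginx, or from the post being discussed. It models two things: how RFC 3986 section 3.3 splits a path into segments (every "/" starts a segment, and an empty segment is legal and distinct), and a proxy that compresses runs of slashes the way nginx's `merge_slashes` is described as doing. The `audit` function then evaluates the same prefix rule on both views of a path and flags any request where the two disagree, which is the property an operator wants to confirm holds (or not) between a proxy and its upstream. The proxy behaviour, the `/admin` rule, and the sample paths are assumptions constructed for the example.

```python
import re
from typing import Dict, List

# Constructed sample paths: a plain path, one with an interior double slash,
# and one with a leading double slash.
SAMPLE_PATHS = ["/admin/users", "/admin//users", "//admin/users"]


def rfc3986_segments(path: str) -> List[str]:
    """Split an absolute path as RFC 3986 section 3.3 does.

    path-abempty = *( "/" segment ), and segment may be empty, so
    "/a//b" yields ["a", "", "b"], which is a different URI from "/a/b".
    """
    if not path.startswith("/"):
        raise ValueError("expected an absolute path starting with '/'")
    return path.split("/")[1:]


def merge_slashes(path: str) -> str:
    """Model a proxy that compresses two or more adjacent slashes into one
    (assumed to mirror the behaviour the thread attributes to nginx's
    merge_slashes; this is not nginx's own code)."""
    return re.sub(r"/{2,}", "/", path)


def prefix_rule_matches(path: str, rule_prefix: str) -> bool:
    """Segment-wise prefix match, e.g. rule "/admin" matches "/admin/users"
    but not "/administrator" or "//admin/users" (whose first segment is empty)."""
    rule = rfc3986_segments(rule_prefix)
    return rfc3986_segments(path)[: len(rule)] == rule


def audit(path: str, rule_prefix: str) -> Dict[str, object]:
    """Evaluate one access rule on the raw path and on the slash-merged path.

    A mismatch means the proxy and an upstream that does not merge slashes
    would classify the same request differently; that is the condition an
    operator should check for and remove by making both sides normalize the
    same way (or by not normalizing at all).
    """
    merged = merge_slashes(path)
    on_raw = prefix_rule_matches(path, rule_prefix)
    on_merged = prefix_rule_matches(merged, rule_prefix)
    return {
        "raw_path": path,
        "merged_path": merged,
        "rule_on_raw": on_raw,
        "rule_on_merged": on_merged,
        "mismatch": on_raw != on_merged,
    }


def audit_all(paths: List[str], rule_prefix: str) -> List[Dict[str, object]]:
    """Run the audit over a list of paths and return only the mismatching ones."""
    return [r for r in (audit(p, rule_prefix) for p in paths) if r["mismatch"]]


if __name__ == "__main__":
    for result in (audit(p, "/admin") for p in SAMPLE_PATHS):
        print(result)
    print("mismatches:", [r["raw_path"] for r in audit_all(SAMPLE_PATHS, "/admin")])
```

Run as a script it prints the three audits; only the path with a leading double slash is reported as a mismatch, because its RFC 3986 segment list begins with an empty segment while the merged form begins with `admin`. The interior double slash does not change the first segment, so the rule agrees on both views even though the two paths are still distinct URIs.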