Stop serving group domain files when they are shadowed by a project in that group
As discussed in !94 (merged)
Given a -pages-root
like this:
group/
group.example.io/
public/
project/
foo.html
index.html
project/
public/
index.html
A request to https://group.example.io/project/index.html
is served from the project/
subdirectory. However, https://group.example.io/project/foo.html
also works, and returns the file from the group.example.io
subdirectory.
We still want https://group.example.io/index.html
to work, but we want to stop serving foo.html
in this way, as it greatly complicates access control logic.