diff --git a/src/node/app/api.ts b/src/node/app/api.ts
index ce3d1b80..88519ee3 100644
--- a/src/node/app/api.ts
+++ b/src/node/app/api.ts
@@ -43,8 +43,7 @@ export class ApiHttpProvider extends HttpProvider {
 
   public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
     this.ensureAuthenticated(request)
-    // Only serve root pages.
-    if (route.requestPath && route.requestPath !== "/index.html") {
+    if (!this.isRoot(route)) {
       throw new HttpError("Not found", HttpCode.NotFound)
     }
 
diff --git a/src/node/app/dashboard.ts b/src/node/app/dashboard.ts
index ea0b2b33..261e93c5 100644
--- a/src/node/app/dashboard.ts
+++ b/src/node/app/dashboard.ts
@@ -20,8 +20,7 @@ export class DashboardHttpProvider extends HttpProvider {
   }
 
   public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
-    // Only serve root pages.
-    if (route.requestPath && route.requestPath !== "/index.html") {
+    if (!this.isRoot(route)) {
       throw new HttpError("Not found", HttpCode.NotFound)
     }
 
diff --git a/src/node/app/login.ts b/src/node/app/login.ts
index c67a8714..b55f5503 100644
--- a/src/node/app/login.ts
+++ b/src/node/app/login.ts
@@ -18,8 +18,7 @@ interface LoginPayload {
  */
 export class LoginHttpProvider extends HttpProvider {
   public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
-    // Only serve root pages and only if password authentication is enabled.
-    if (this.options.auth !== AuthType.Password || (route.requestPath && route.requestPath !== "/index.html")) {
+    if (this.options.auth !== AuthType.Password || !this.isRoot(route)) {
       throw new HttpError("Not found", HttpCode.NotFound)
     }
     switch (route.base) {
diff --git a/src/node/app/proxy.ts b/src/node/app/proxy.ts
index 2082e6ef..42e73a60 100644
--- a/src/node/app/proxy.ts
+++ b/src/node/app/proxy.ts
@@ -41,10 +41,8 @@ export class ProxyHttpProvider extends HttpProvider implements HttpProxyProvider
     request: http.IncomingMessage,
     response: http.ServerResponse,
   ): Promise<HttpResponse> {
-    const isRoot = !route.requestPath || route.requestPath === "/index.html"
     if (!this.authenticated(request)) {
-      // Only redirect from the root. Other requests get an unauthorized error.
-      if (isRoot) {
+      if (this.isRoot(route)) {
         return { redirect: "/login", query: { to: route.fullPath } }
       }
       throw new HttpError("Unauthorized", HttpCode.Unauthorized)
@@ -53,7 +51,7 @@ export class ProxyHttpProvider extends HttpProvider implements HttpProxyProvider
     // Ensure there is a trailing slash so relative paths work correctly.
     const port = route.base.replace(/^\//, "")
     const base = `${this.options.base}/${port}`
-    if (isRoot && !route.fullPath.endsWith("/")) {
+    if (this.isRoot(route) && !route.fullPath.endsWith("/")) {
       return {
         redirect: `${base}/`,
       }
diff --git a/src/node/app/update.ts b/src/node/app/update.ts
index 02766808..d469a9ba 100644
--- a/src/node/app/update.ts
+++ b/src/node/app/update.ts
@@ -61,8 +61,7 @@ export class UpdateHttpProvider extends HttpProvider {
     this.ensureAuthenticated(request)
     this.ensureMethod(request)
 
-    // Only serve root pages.
-    if (route.requestPath && route.requestPath !== "/index.html") {
+    if (!this.isRoot(route)) {
       throw new HttpError("Not found", HttpCode.NotFound)
     }
 
diff --git a/src/node/app/vscode.ts b/src/node/app/vscode.ts
index 7d9406a2..79b62847 100644
--- a/src/node/app/vscode.ts
+++ b/src/node/app/vscode.ts
@@ -128,8 +128,7 @@ export class VscodeHttpProvider extends HttpProvider {
 
     switch (route.base) {
       case "/":
-        // Only serve this at the root.
-        if (route.requestPath && route.requestPath !== "/index.html") {
+        if (!this.isRoot(route)) {
           throw new HttpError("Not found", HttpCode.NotFound)
         } else if (!this.authenticated(request)) {
           return { redirect: "/login", query: { to: this.options.base } }
diff --git a/src/node/http.ts b/src/node/http.ts
index a3a6ed93..1656e0a2 100644
--- a/src/node/http.ts
+++ b/src/node/http.ts
@@ -359,6 +359,14 @@ export abstract class HttpProvider {
     }
     return cookies as T
   }
+
+  /**
+   * Return true if the route is for the root page. For example /base, /base/,
+   * or /base/index.html but not /base/path or /base/file.js.
+   */
+  protected isRoot(route: Route): boolean {
+    return !route.requestPath || route.requestPath === "/index.html"
+  }
 }
 
 /**