pathutil

package
v5.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 14, 2026 License: MIT Imports: 0 Imported by: 0

Documentation

Overview

Package pathutil holds internal helpers for safely handling request and file paths. It is internal so it can be shared between the echo package and the middleware package without becoming part of the public API.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HasEncodedPathSeparator 

func HasEncodedPathSeparator(s string) bool

HasEncodedPathSeparator reports whether s contains a percent-encoded path separator, case-insensitively: %2F/%2f (forward slash) or %5C/%5c (backslash). Backslash is included as defense-in-depth against Windows-style separators even though fs.FS itself only uses forward slashes.

Such sequences let an attacker smuggle a separator past the router, which by default matches on the raw encoded path, so they must be rejected before unescaping when resolving static files.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.