Documentation
Index
- Variables
- func CanonicalizeAndValidateNavPath(path string) (string, error)
- func DecodePathSegments(path string) ([]string, error)
- func DecodeSegment(segment string, isCatchAll bool) (string, error)
- func SafePathUnescape(path string) (string, error)
- func SplitPathAndQuery(input string) (path, query string)
- type CanonicalizeResult
Constants
This section is empty.
Variables
var (
	ErrInvalidPath           = errors.New("invalid path")
	ErrBackslashInPath       = errors.New("path contains backslash")
	ErrNullByteInPath        = errors.New("path contains null byte")
	ErrInvalidPercentEscape  = errors.New("invalid percent escape sequence")
	ErrPathEscapesRoot       = errors.New("path escapes root via ..")
	ErrEncodedSlashInSegment = errors.New("encoded slash (%2F) in non-catch-all segment")
)
Path canonicalization errors.
Functions
func CanonicalizeAndValidateNavPath
CanonicalizeAndValidateNavPath canonicalizes and validates a navigation path. This is used for NAV_* patches and ctx.Navigate() to ensure security.
Per Section 4.2 (Full Navigation), NAV_* payloads MUST be relative paths only:
- MUST start with "/"
- MUST NOT be a full URL (no "http://", "https://", "//")
Returns the canonicalized path with query string, or an error if invalid.
func DecodePathSegments
DecodePathSegments decodes all segments of a path. This splits the path by "/" and decodes each segment individually. For catch-all segments, the full remainder is decoded but "/" is preserved.
func DecodeSegment
DecodeSegment decodes a single path segment. For non-catch-all params, if decoding produces "/" (i.e., %2F was present), this returns an error as it indicates a path smuggling attempt.
func SafePathUnescape
SafePathUnescape decodes percent-escapes in a path while preserving encoded path separators (%2F, %5C). This prevents path smuggling where different layers interpret separators differently.
func SplitPathAndQuery
SplitPathAndQuery splits a path into path and query components. The query is returned without the leading "?".
Types
type CanonicalizeResult
type CanonicalizeResult struct {
	// Path is the canonicalized path (without query string).
	Path string
	// Query is the query string (without leading "?").
	Query string
	// Changed indicates if the path was modified during canonicalization.
	Changed bool
}
CanonicalizeResult contains the result of path canonicalization.
func CanonicalizePath
func CanonicalizePath(input string) (CanonicalizeResult, error)
CanonicalizePath normalizes a URL path according to the routing contract.
Per Section 1.2 (Path Canonicalization), the following transformations are applied:
- Remove trailing slash (except for root "/")
- Collapse multiple slashes (/blog//post → /blog/post)
- Remove "." segments (/blog/./post → /blog/post)
- Resolve ".." segments (/blog/../other → /other)
The following inputs are rejected with an error:
- Paths containing backslash (\)
- Paths containing NUL byte (%00)
- Invalid percent-escapes (e.g., %GG, %2)
- ".." that would escape root (e.g., /../secret)
The input may include a query string, which is preserved but not canonicalized.
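The transformations and rejections listed above, carried through in a self-contained sketch. This is an added example, not this package's source: the name canonicalize and the lowercase error values are local stand-ins, and treating a percent-encoded %2e%2e as a ".." segment is an assumption of the sketch that the documentation does not state.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

var ( // local stand-ins for the package's exported error values
	errBackslash   = errors.New("path contains backslash")
	errNullByte    = errors.New("path contains null byte")
	errBadEscape   = errors.New("invalid percent escape sequence")
	errEscapesRoot = errors.New("path escapes root via ..")
)

// canonicalize normalizes the path part of input; the query is kept verbatim.
func canonicalize(input string) (string, error) {
	path, _, _ := strings.Cut(input, "?")
	if strings.Contains(path, `\`) {
		return "", errBackslash
	}
	var out []string
	for _, seg := range strings.Split(path, "/") {
		dec, err := url.PathUnescape(seg) // decoded copy is used for checks only
		if err != nil {
			return "", errBadEscape // e.g. %GG, %2
		}
		if strings.ContainsRune(dec, 0) {
			return "", errNullByte // literal NUL or %00
		}
		switch dec {
		case "", ".": // empty segment (from // or a trailing /) or ".": drop
		case "..": // assumption: an encoded %2e%2e counts as ".." too
			if len(out) == 0 {
				return "", errEscapesRoot
			}
			out = out[:len(out)-1]
		default:
			out = append(out, seg) // original encoding kept, so %2F stays encoded
		}
	}
	return "/" + strings.Join(out, "/") + input[len(path):], nil
}

func main() {
	for _, in := range []string{"/blog//post/?q=a//b", "/blog/../other", "/../secret"} {
		fmt.Println(canonicalize(in))
	}
}
```

Segments are written back in their original encoding, so a later layer never sees a separator that this step did not see.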