Skip to main content

normalize_path

Function normalize_path 

Source
pub fn normalize_path(target: &str) -> Option<Cow<'_, str>>
Expand description

Normalize a request target’s PATH for routing and forwarding so the proxy and the origin agree on it (CWE-22 Path Traversal / CWE-436 Interpretation Conflict). Per-route filter chains are an access-control boundary, so route selection IS access control: a .. segment that selects a laxer route here but resolves to a stricter path at the upstream would bypass that route’s filters. The fast path normalizes once at ingress and then routes, runs the chain, and forwards on the SAME normalized path, so the origin cannot re-derive a different path.

Returns the normalized path[?query], or None to reject (the server fails closed with 400). Policy: reject control bytes, backslash, and percent-encoded separators/dots (%2e/%2f/%5c, ambiguous between front-end and back-end), then lexically remove ./.. segments; a .. that escapes the root is rejected. The query string (after ?) is preserved verbatim. A path with no ./.. segments — the overwhelming majority — is returned borrowed (Cow::Borrowed), so the per-request common case allocates nothing.