pub fn normalize_path(target: &str) -> Option<Cow<'_, str>>Expand description
Normalize a request target’s PATH for routing and forwarding so the proxy and the origin agree
on it (CWE-22 Path Traversal / CWE-436 Interpretation Conflict). Per-route filter chains
are an access-control boundary, so route selection IS access control: a .. segment that selects
a laxer route here but resolves to a stricter path at the upstream would bypass that route’s
filters. The fast path normalizes once at ingress and then routes, runs the chain, and forwards
on the SAME normalized path, so the origin cannot re-derive a different path.
Returns the normalized path[?query], or None to reject (the server fails closed with 400).
Policy: reject control bytes, backslash, and percent-encoded separators/dots (%2e/%2f/%5c,
ambiguous between front-end and back-end), then lexically remove ./.. segments; a .. that
escapes the root is rejected. The query string (after ?) is preserved verbatim.
A path with no ./.. segments — the overwhelming majority — is returned borrowed
(Cow::Borrowed), so the per-request common case allocates nothing.