Function scoped_resolve 

pub fn scoped_resolve<R: AsRef<Path>, U: AsRef<Path>>(
    root: R,
    unsafe_path: U,
) -> Result<PathBuf>

Resolve unsafe_path to a relative path, rooted at and constrained by root.

The scoped_resolve() function assumes root exists and is an absolute path. It processes each path component in unsafe_path as below:

• assume it’s not a symlink and output if the component doesn’t exist yet.
• ignore if it’s “/” or “.”.
• go to parent directory but constrained by root if it’s “..”.
• recursively resolve to the real path if it’s a symlink. All symlink resolutions will be constrained by root.
• otherwise output the path component.

Arguments

• root: the absolute path to constrain the symlink resolution.
• unsafe_path: the path to resolve.

Note that the guarantees provided by this function only apply if the path components in the returned PathBuf are not modified (in other words are not replaced with symlinks on the filesystem) after this function has returned. You may use crate::PinnedPathBuf to protect from such TOCTOU attacks.