Skip to main content

path_variants

Function path_variants 

Source
pub fn path_variants(prefix: &str, target: &str) -> Vec<String>
Expand description

Generate every path-normalization differential variant for a target path, given a benign prefix to nest under.

prefix is the segment the WAF sees in the path (e.g. /public). target is the segment the origin will resolve to (e.g. /admin). Returns up to ~30 candidate paths, each of which RFC-3986-collapses to prefix + ../ + target then to just target.