summaryrefslogtreecommitdiff
path: root/vendor/github.com/gin-gonic/gin/gin.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/gin-gonic/gin/gin.go')
-rw-r--r--vendor/github.com/gin-gonic/gin/gin.go9
1 files changed, 8 insertions, 1 deletions
diff --git a/vendor/github.com/gin-gonic/gin/gin.go b/vendor/github.com/gin-gonic/gin/gin.go
index 551356974..f95e5dda5 100644
--- a/vendor/github.com/gin-gonic/gin/gin.go
+++ b/vendor/github.com/gin-gonic/gin/gin.go
@@ -11,6 +11,7 @@ import (
"net/http"
"os"
"path"
+ "regexp"
"strings"
"sync"
@@ -40,6 +41,9 @@ var defaultTrustedCIDRs = []*net.IPNet{
},
}
+var regSafePrefix = regexp.MustCompile("[^a-zA-Z0-9/-]+")
+var regRemoveRepeatedChar = regexp.MustCompile("/{2,}")
+
// HandlerFunc defines the handler used by gin middleware as return value.
type HandlerFunc func(*Context)
@@ -166,7 +170,7 @@ type Engine struct {
trustedCIDRs []*net.IPNet
}
-var _ IRouter = &Engine{}
+var _ IRouter = (*Engine)(nil)
// New returns a new blank Engine instance without any middleware attached.
// By default, the configuration is:
@@ -668,6 +672,9 @@ func redirectTrailingSlash(c *Context) {
req := c.Request
p := req.URL.Path
if prefix := path.Clean(c.Request.Header.Get("X-Forwarded-Prefix")); prefix != "." {
+ prefix = regSafePrefix.ReplaceAllString(prefix, "")
+ prefix = regRemoveRepeatedChar.ReplaceAllString(prefix, "/")
+
p = prefix + "/" + req.URL.Path
}
req.URL.Path = p + "/"
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-13 11:05:32 +0000