HTTP::path -normalized (TMOS 13) issue?
According to the Wiki,
HTTP::path -normalized
should do:
the normalization involves lower-casing, removing unnecessary directory traversals, convert from microsoft style %uxxxx form to the standard %xx hex form, bytes not allowed in a uri are normalised to their percent-encoded representation, bytes percent-encoded when they don't need to be are changed to their normal representation
My experience (TMOS 13.1) is that:
- conversion to lower case does not work at all!
is converted to"%2E%2E"
(OK)".."
is converted to"/foo/../bar"
(OK)"/bar"
However (FAIL):
is (only) converted to"/foo/%2E%2E/bar"
."/foo/../bar"
It seems that directory traversal normalization is (incorrectly) performed before %-normalization. I would expect to first do %-normalization and then normalize directory traversal...
So, in order to perform normalization correctly, I need to do this (I need to retain the original URI in the request to the pool member):
set origPath [HTTP::path]
set normPath [string tolower [HTTP::path -normalized]]
HTTP::path $normPath
set normPath [HTTP::path -normalized]
HTTP::path $origPath
log local0. "Path : \"$origPath\" --> \"$normPath\""
I would have expected to do this, though:
set normPath [HTTP::path -normalized]
log local0. "Path : \"[HTTP::path]\" --> \"$normPath\""
Is there a more elegant way to perform normalization on the URI/PATH?
And can this be fixed, please?