From 873cba3e7cdecf33937e7bc28c966d81b8d97c78 Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Sat, 15 Feb 2025 10:19:44 +0800
Subject: {http_server,url}.go: Fix redirects

r.URL.Path contains URL segments already decoded which makes it
impossible to distinguish from an encoded %2F and a path separator /.
We introduce redirect_with_slash which checks it properly.

There is still an occurence of r.URL.Path in the commit handler, but
that's going to get a major revamp anyway so I'm not bothering to fix
that for now. :/
---
 url.go | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'url.go')

diff --git a/url.go b/url.go
index 86a3c6e..7712639 100644
--- a/url.go
+++ b/url.go
@@ -11,7 +11,7 @@ import (
 
 var (
 	err_duplicate_ref_spec = errors.New("Duplicate ref spec")
-	err_no_ref_spec        = errors.New("No ref spec")
+	err_no_ref_spec		= errors.New("No ref spec")
 )
 
 func get_param_ref_and_type(r *http.Request) (ref_type, ref string, err error) {
@@ -63,3 +63,22 @@ func parse_request_uri(request_uri string) (segments []string, params url.Values
 
 	return
 }
+
+func redirect_with_slash(w http.ResponseWriter, r *http.Request) bool {
+	request_uri := r.RequestURI
+
+	path_end := strings.IndexAny(request_uri, "?#")
+	var path, rest string
+	if path_end == -1 {
+		path = request_uri
+	} else {
+		path = request_uri[:path_end]
+		rest = request_uri[path_end:]
+	}
+
+	if !strings.HasSuffix(path, "/") {
+		http.Redirect(w, r, path+"/"+rest, http.StatusSeeOther)
+		return true
+	}
+	return false
+}
-- 
cgit v1.2.3