rename trimMultipleSlashes to sanitizeURI

aldas · aldas · commit e3ef5aca543d · 2021-02-11T14:54:13.000+02:00
diff --git a/middleware/slash.go b/middleware/slash.go
@@ -60,7 +60,7 @@ func AddTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFunc
 
 				// Redirect
 				if config.RedirectCode != 0 {
-					return c.Redirect(config.RedirectCode, sanitizeUri(uri))
+					return c.Redirect(config.RedirectCode, sanitizeURI(uri))
 				}
 
 				// Forward
@@ -108,7 +108,7 @@ func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFu
 
 				// Redirect
 				if config.RedirectCode != 0 {
-					return c.Redirect(config.RedirectCode, sanitizeUri(uri))
+					return c.Redirect(config.RedirectCode, sanitizeURI(uri))
 				}
 
 				// Forward
@@ -120,7 +120,7 @@ func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFu
 	}
 }
 
-func sanitizeUri(uri string) string {
+func sanitizeURI(uri string) string {
 	// double slash `\\`, `//` or even `\/` is absolute uri for browsers and by redirecting request to that uri
 	// we are vulnerable to open redirect attack. so replace all slashes from the beginning with single slash
 	if len(uri) > 1 && (uri[0] == '\\' || uri[0] == '/') && (uri[1] == '\\' || uri[1] == '/') {

Original file line number	Diff line number	Diff line change
`@@ -60,7 +60,7 @@ func AddTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFunc`
`60`	`60`
`61`	`61`	`// Redirect`
`62`	`62`	`if config.RedirectCode != 0 {`
`63`		`- return c.Redirect(config.RedirectCode, sanitizeUri(uri))`
	`63`	`+ return c.Redirect(config.RedirectCode, sanitizeURI(uri))`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`// Forward`
`@@ -108,7 +108,7 @@ func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFu`
`108`	`108`
`109`	`109`	`// Redirect`
`110`	`110`	`if config.RedirectCode != 0 {`
`111`		`- return c.Redirect(config.RedirectCode, sanitizeUri(uri))`
	`111`	`+ return c.Redirect(config.RedirectCode, sanitizeURI(uri))`
`112`	`112`	`}`
`113`	`113`
`114`	`114`	`// Forward`
`@@ -120,7 +120,7 @@ func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFu`
`120`	`120`	`}`
`121`	`121`	`}`
`122`	`122`
`123`		`-func sanitizeUri(uri string) string {`
	`123`	`+func sanitizeURI(uri string) string {`
`124`	`124`	// double slash `\\`, `//` or even `\/` is absolute uri for browsers and by redirecting request to that uri
`125`	`125`	`// we are vulnerable to open redirect attack. so replace all slashes from the beginning with single slash`
`126`	`126`	`if len(uri) > 1 && (uri[0] == '\\' \|\| uri[0] == '/') && (uri[1] == '\\' \|\| uri[1] == '/') {`