You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Created a simple file server using http.FileServer to serve a directory containing a file with a colon (":") in the name.
package main
import"net/http"funcmain() {
http.Handle("/", http.FileServer(http.Dir("files")))
http.ListenAndServe("127.0.0.1:8000", nil)
}
# ls -1 files
normal_file
weird:file
What did you expect to see?
On browsing to 127.0.0.1:8000 I expected a list of the two files shown above and that I would be able to retrieve their contents by clicking their respective links.
What did you see instead?
I was able to retrieve normal_file, but selecting weird:file appeared to do nothing. Viewing the source, it became apparent that the browser was interpreting weird: as the scheme.
A path segment that contains a colon character (e.g., "this:that")
cannot be used as the first segment of a relative-path reference, as
it would be mistaken for a scheme name. Such a segment must be
preceded by a dot-segment (e.g., "./this:that") to make a relative-
path reference.
I think the correct place to resolve the behavior is in URL.String(). It's comment states String reassembles the URL into a valid URL string., which is not accurate in this case of only a relative path with a colon in the first segment.
I'd be happy to contribute a fix. I believe adding the below before writing the path would correct the behavior for the specific case, without affecting the output otherwise.
I found that the original issue with http.FileServer was resolved by https://go-review.googlesource.com/#/c/27440/. This can be closed if that is the correct solution rather than modifying URL.String().
Just to clarify, should I take the closing of the issue to mean that it is not a bug in net/url? The CL I linked only fixes it for http.FileServer. To me, it's really a bug in net/url since URL.String can return an invalid URL.
What version of Go are you using (
go version
)?go version go1.7.1 darwin/amd64
What operating system and processor architecture are you using (
go env
)?What did you do?
Created a simple file server using
http.FileServer
to serve a directory containing a file with a colon (":") in the name.What did you expect to see?
On browsing to
127.0.0.1:8000
I expected a list of the two files shown above and that I would be able to retrieve their contents by clicking their respective links.What did you see instead?
I was able to retrieve
normal_file
, but selectingweird:file
appeared to do nothing. Viewing the source, it became apparent that the browser was interpretingweird:
as the scheme.Per RFC 3986, Section 4.2:
I think the correct place to resolve the behavior is in URL.String(). It's comment states
String reassembles the URL into a valid URL string.
, which is not accurate in this case of only a relative path with a colon in the first segment.I'd be happy to contribute a fix. I believe adding the below before writing the path would correct the behavior for the specific case, without affecting the output otherwise.
This produces:
The text was updated successfully, but these errors were encountered: