Skip to content

shuttle-hq/tower-sanitize-path

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits

.github/workflows

.github/workflows

 
 

src

src

 
 

.envrc

.envrc

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

README.md

README.md

 
 

shell.nix

shell.nix

 
 

Repository files navigation

Tower middleware to sanitize paths.

Any sort of path traversal techniques used to access the underlying filesystem will be removed from the request's paths. For example, a request with /../../passwd will become /passwd before being passed to inner services.

Example

use http::{Request, Response, StatusCode};
use hyper::Body;
use std::{iter::once, convert::Infallible};
use tower::{ServiceBuilder, Service, ServiceExt};
use tower_sanitize_path::SanitizePathLayer;

# #[tokio::main]
# async fn main() -> Result<(), Box<dyn std::error::Error>> {
async fn handle(req: Request<Body>) -> Result<Response<Body>, Infallible> {
    // `req.uri().path()` will not be usable to traverse the filesystem
    # Ok(Response::new(Body::empty()))
}

let mut service = ServiceBuilder::new()
    // sanitize the paths
    .layer(SanitizePathLayer)
    .service_fn(handle);

// call the service
let request = Request::builder()
    // `handle` will see `/secret`
    .uri("/../../secret")
    .body(Body::empty())?;

service.ready().await?.call(request).await?;
#
# Ok(())
# }

About

Tower middleware to sanitize paths on requests

docs.rs/tower-sanitize-path

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

7 watching

Forks

1 fork
Report repository

Contributors 2

  •  
  •  

Languages