bug: do not treat ./ as invalid uri

Co-authored-by: Pavel Balaev <balaev@tarantool.org>

Closes #171

CHANGELOG.md

@@ -10,6 +10,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 - Add versioning support.
 
+### Fixed
+
+- Allow dot in path segment.
+
 ## [1.4.0] - 2022-12-30
 
 ### Added

http/server.lua

@@ -746,10 +746,17 @@ local function parse_request(req)
     end
     p.path_raw = p.path
     p.path = uri_unescape(p.path)
-    if p.path:sub(1, 1) ~= "/" or p.path:find("./", nil, true) ~= nil then
+    if p.path:sub(1, 1) ~= "/" then
         p.error = "invalid uri"
         return p
     end
+    for _, path_segment in ipairs(p.path:split('/')) do
+        if path_segment == "." or path_segment == ".." then
+            p.error = "invalid uri"
+            return p
+        end
+    end
+
     return p
 end
 

test/integration/http_server_requests_test.lua

@@ -417,3 +417,8 @@ g.test_content_type_header_without_render = function()
     t.assert_equals(r.status, 200)
     t.assert_equals(r.headers['content-type'], 'text/plain; charset=utf-8', 'content-type header')
 end
+
+g.test_get_dot_slash = function()
+    local r = http_client.get(helpers.base_uri .. '/aba./')
+    t.assert_equals(r.status, 200)
+end

test/integration/http_server_url_match_test.lua

@@ -40,6 +40,8 @@ g.test_server_url_match = function()
                    '/aba*def', '/aba-123-dea/1/2/3')
     t.assert_equals(httpd:match('GET', '/aba-123-dea/1/2/3').stash.def,
                    '-123-dea/1/2/3', '/aba-123-dea/1/2/3')
+    t.assert_equals(httpd:match('GET', '/aba/./').endpoint.path, '/aba*def')
+    t.assert_equals(httpd:match('GET', '/aba/./').stash.def, '/.')
     t.assert_equals(httpd:match('GET', '/abb-123-dea/1/2/3/cde').endpoint.path,
                    '/abb*def/cde', '/abb-123-dea/1/2/3/cde')
     t.assert_equals(httpd:match('GET', '/abb-123-dea/1/2/3/cde').stash.def,