uce/site/doc/pages/route_path_sanitize.txt

35 lines
951 B
Plaintext

:title
route_path_sanitize
:sig
String route_path_sanitize(String path, String default_path = "index")
:see
route_path_is_safe
route_path_normalize
request_query_path
request_query_route
request_context_params
:content
Normalizes and validates a route path for file-backed routing.
Rules:
- leading and trailing `/` are removed
- an empty path becomes `default_path`
- every path segment must be non-empty
- `.` and `..` segments are rejected
- only ASCII letters, digits, `_`, and `-` are accepted inside a segment
- unsafe input returns an empty string
Use this instead of manually checking app routes before composing file paths.
```cpp
route_path_sanitize("/workspace/projects/"); // "workspace/projects"
route_path_sanitize("../secret"); // ""
route_path_sanitize(""); // "index"
```
`request_query_path()`, `request_query_route()`, and the runtime-populated `ROUTE_PATH` params already use this sanitizer.