11package io .quarkus .vertx .http .runtime ;
22
3- import java .net .URI ;
43import java .util .Set ;
54
65import io .vertx .core .http .HttpHeaders ;
6+ import io .vertx .core .http .impl .HttpUtils ;
77import io .vertx .core .http .impl .MimeMapping ;
8+ import io .vertx .core .net .impl .URIDecoder ;
89import io .vertx .ext .web .RoutingContext ;
910import io .vertx .ext .web .handler .StaticHandler ;
1011
@@ -17,18 +18,24 @@ private RoutingUtils() throws IllegalAccessException {
1718 /**
1819 * Get the normalized and decoded path:
1920 * - normalize based on RFC3986
20- * - convert % encoded characters to their non encoded form (using {@link java.net.URI})
21+ * - convert % encoded characters to their non encoded form (using {@link URIDecoder#decodeURIComponent})
22+ * - remove relative dots in path
23+ * - replace '\' with '/'
2124 * - invalid if the path contains '?' (query section of the path)
2225 *
2326 * @param ctx the RoutingContext
2427 * @return the normalized and decoded path or null if not valid
2528 */
2629 public static String getNormalizedAndDecodedPath (RoutingContext ctx ) {
2730 String normalizedPath = ctx .normalizedPath ();
28- if (normalizedPath .contains ( "?" ) ) {
31+ if (normalizedPath .indexOf ( '?' ) != - 1 ) {
2932 return null ;
3033 }
31- return URI .create (normalizedPath ).getPath ();
34+ if (normalizedPath .indexOf ('%' ) == -1 ) {
35+ return normalizedPath ;
36+ }
37+ final String uriDecodedPath = URIDecoder .decodeURIComponent (normalizedPath );
38+ return toUnixPathWithoutDots (uriDecodedPath );
3239 }
3340
3441 /**
@@ -67,6 +74,10 @@ public static void compressIfNeeded(VertxHttpBuildTimeConfig config, Set<String>
6774 }
6875 }
6976
77+ private static String toUnixPathWithoutDots (String path ) {
78+ return HttpUtils .removeDots (path .replace ('\\' , '/' ));
79+ }
80+
7081 private static boolean isCompressed (Set <String > compressMediaTypes , String path ) {
7182 if (compressMediaTypes .isEmpty ()) {
7283 return false ;
0 commit comments