Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/depp/safepath

Go library which checks that file paths are safe to use
https://github.com/depp/safepath

Last synced: 12 months ago
JSON representation

Go library which checks that file paths are safe to use

Awesome Lists containing this project

README 

          
# SafePath: Path Sanitizing



SafePath checks that pathnames are safe for use.



## Installation



SafePath can be installed with the `go get` command.



```shell

go get github.com/depp/safepath

```



## Usage



```go

import "github.com/depp/safepath"

```



To check if a filename, choose a combination of `Rules` flags and call the `CheckPathSegment()` function. For example, the `URLUnescaped` rule rejects any path which would require percent-encoding when used in a URL.



```go

rules := safepath.URLUnescaped

filename := "my_file.txt"

if err := rules.CheckPathSegment(filename); err != nil {

    return err

}

```



Relative paths can be checked with the `CheckPath()` function. Note that this function only recognizes the path separator /, it does not recognize \\.



```go

rules := safepath.URLUnescaped

filepath := "directory/my_file.txt"

if err := rules.CheckPathSegment(filepath); err != nil {

    return err

}

```



Error messages from this library are descriptive. Some examples:



```

Error: invalid path "/": path is absolute

Error: invalid path segment "NUL.TXT": uses reserved Windows filename "nul"

```



## Unicode



The notion of “safe” in Unicode is a bit difficult to define. This library does not have a comprehensive notion of safety for non-ASCII characters. Currently, there are only two rules that affect non-ASCII characters: `ValidUTF8` and `ASCIIOnly`.



## License



SafePath is provided under the MIT license. See LICENSE.txt for details.