Open redirect

[Timvde]

We found an open redirect in dapperdox. Installed latest version (1.2.1) with go get.

Steps to reproduce:

• Download and compile dapperdox
• dapperdox --spec-dir=examples/specifications/petstore
• Browse to http://localhost:3123//%5cexample.com

Result: http://example.com loads Expected result: 404 page

[Timvde]

I just noticed that the 1.2.1 I got from go get isn't the latest... I'll try again with 1.2.2. But it doesn't seem to be a new issue, since we originally found it in 1.1.1.

Edit: confirmed still an issue in 1.2.2.

[Timvde]

I debugged this and submitted a PR to pat: https://github.com/gorilla/pat/pull/20. So far, no response yet.