Closed pchemguy closed 3 weeks ago
Hi! I understand your confusion, but this behavior is implemented by your browser directly and is a standard on the web:
https://datatracker.ietf.org/doc/html/rfc3986#section-4.2
It's commonly referred to as "protocol-relative URL". It is not widely used today, but I think SQLPage overriding the URLs entered by the website creators would be even more confusing...
Introduction
Redirects to links with leading double slashes may not be handled correctly. Redirect to "link":"//currencies_table.sql" interprets it as a URL containing the host part. While it does make certain sense, perhaps a better approach would be to check if the rest of the link is a valid path. If so, interpret it as such, removing one leading slash.
To Reproduce
Create index.sql with the following code and open it:
Actual behavior
SQLpage redirected to http://currencies_table.sql/
Expected behavior
If "/currencies_table.sql" is valid path, redirect to http://{host}:{port}/currencies_table.sql
Version information