michael-lazar / gemini-diagnostics

A torture test for gemini servers
MIT License

URLDotEscape false negative #13

Open svwezel opened 3 months ago

svwezel commented 3 months ago

I'm getting this output which I think is a false negative.

[URLDotEscape] A URL should not be able to escape the root using dot notation
Request URL
  'gemini://[host]/../../\r\n'
Response header
  '20 text/gemini\r\n'
Status should return a failure code (5X PERMANENT FAILURE)
  x Received status of '20'

All the segments with /../ that go below the root are ignored on my server. (This seems to be the default behavior if you use the URL crate in Rust.) So with the requested URL, the index.gmi will be served.

Thanks for this package by the way!
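The clamping behaviour described in this issue, as an added example that is not code from the issue or from gemini-diagnostics: dot segments are resolved as in RFC 3986 section 5.2.4, so `/../../` collapses to `/`, and a separate containment check rejects anything that still leaves the document root. The host `example.org`, the docroot `/srv/gemini` and the function names are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote, urlsplit


def remove_dot_segments(path: str) -> str:
    """Resolve '.' and '..' in an absolute URL path (RFC 3986 section 5.2.4).

    '..' at the root is dropped rather than allowed to climb above it.
    Percent-encoded dots count as dots, because '.' is an unreserved
    character (RFC 3986 section 6.2.2.2).
    """
    segments = path.split("/")
    output = []
    for i, seg in enumerate(segments):
        is_last = i == len(segments) - 1
        plain = seg.lower().replace("%2e", ".")
        if plain == ".":
            if is_last:
                output.append("")        # keep the trailing slash
        elif plain == "..":
            if len(output) > 1:          # output[0] is the root marker
                output.pop()
            if is_last:
                output.append("")
        else:
            output.append(seg)
    return "/".join(output)


def resolve(docroot: str, url: str) -> str:
    """Map a request URL to a path under docroot, or raise PermissionError.

    docroot is assumed to be absolute and already normalised.
    """
    path = remove_dot_segments(urlsplit(url).path or "/")
    # Decoding happens after dot-segment removal, so an encoded slash
    # ('..%2f') can reintroduce '../'. The containment check catches that.
    candidate = posixpath.normpath(
        posixpath.join(docroot, unquote(path).lstrip("/")))
    if posixpath.commonpath([docroot, candidate]) != docroot:
        raise PermissionError(f"{url!r} resolves outside {docroot!r}")
    return candidate


if __name__ == "__main__":
    # Constructed sample request, modelled on the one in the report.
    print(resolve("/srv/gemini", "gemini://example.org/../../"))
```

A server built this way answers the `/../../` request with its root index without reading anything outside the document root.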