This extension is part of the Rack::Protection project. Run gem install rack-protection to have it available.


Prevented attack

Directory traversal

Supported browsers

all

More infos

en.wikipedia.org/wiki/Directory_traversal

</dl>

Unescapes ‘/’ and ‘.’, expands path_info. Thus GET /foo/%2e%2e%2fbar becomes GET /bar.