可以“双点"成为URL路径部分的一部分
问题描述:
像下面的示例一样,在URL中使用父目录双点字是否安全有效?
Is it valid and safe to use the parent directory double-dots inside an URL like in the following example:
http://example.com/path/../to/file.jpg
答
RFC3986 定义URI.
它描述了路径是如何分层的以及如何...
It describes how paths are hierarchical, and how...
路径段为."和"..",也称为点段
The path segments "." and "..", also known as dot-segments
...以类似于文件系统路径的方式工作.
... work in a similar way to filesystem paths.
它还描述了相对分辨率"的规则,其中可能删除了.和 .. .
It also describes rules for "relative resolution" in which . and .. may be removed.
从本质上讲,这是合法的,并且可以满足您的期望.
Essentially, it is legal and does what you expect.