#639 HTTP redirect for dir → dir/ causes endless loop
What steps will reproduce the problem?
1. Enable mod_http_files and point to a directory that contains a subdirectory
2. GET /files/subdir/
What is the expected output?
200 OK and index.html or 403 if no index found
What do you see instead?
301 redirect to same path
What version of the product are you using?
Affects 0.9, 0.10 and trunk
The first bad revision is:
mod_http_files: Santize the path relative to our base URL before translating it to a filesystem path, fixes a relative path traversal vulnerability
The cause appears to be that <code>sanitize_path("subdir/")</code> returns "/subdir". Then the code that is meant to redirect /subdir to /subdir/ does its thing.