From b5175238fbc4add136145ee7c0079afb6edcbf1a Mon Sep 17 00:00:00 2001
From: "L. Karkkainen" <tronic@users.noreply.github.com>
Date: Fri, 27 Jan 2023 05:31:52 +0000
Subject: [PATCH] URL sanitation.

---
 sanic/handlers/directory.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sanic/handlers/directory.py b/sanic/handlers/directory.py
index 1a787689..4a359b44 100644
--- a/sanic/handlers/directory.py
+++ b/sanic/handlers/directory.py
@@ -9,7 +9,7 @@ from typing import Any, Coroutine, Dict, Iterable, Optional, Union, cast
 from sanic.exceptions import SanicIsADirectoryError
 from sanic.pages.autoindex import AutoIndex, FileInfo
 from sanic.request import Request
-from sanic.response import file, html
+from sanic.response import file, html, redirect
 from sanic.response.types import HTTPResponse
 
 
@@ -31,6 +31,10 @@ class DirectoryHandler:
             return file(index_file)
 
     def index(self):
+        # Remove empty path elements, append slash
+        if "//" in self.url or not self.url.endswith("/"):
+            return redirect("/" + "".join([f"{p}/" for p in self.url.split("/") if p]))
+        # Render file browser
         page = AutoIndex(self._iter_files(), self.url)
         return html(page.render())