nixtaml/lib/uRI.ml, branch master [no description] Fix URI validation bypasses (Phase 1.3 updated) 2026-04-15T02:08:28+00:00 toastal 2026-04-15T02:08:28+00:00 90b97599704f3f62820841eb1828c519deceadf7 - Add url_decode function to handle percent-encoded sequences - Check both raw and URL-decoded paths for traversal attacks - Catch %2e%2e%2f (encoded ../) and similar bypasses - Improved path traversal detection for patterns like /etc/../passwd Fixes TPol-identified vulnerabilities: - URL-encoded path traversal bypasses - Missing path traversal detection in some patterns 
- Add url_decode function to handle percent-encoded sequences
- Check both raw and URL-decoded paths for traversal attacks
- Catch %2e%2e%2f (encoded ../) and similar bypasses
- Improved path traversal detection for patterns like /etc/../passwd

Fixes TPol-identified vulnerabilities:
- URL-encoded path traversal bypasses
- Missing path traversal detection in some patterns
 Add URI validation for security (Phase 1.3) 2026-04-15T01:58:39+00:00 toastal 2026-04-15T01:58:39+00:00 fe9270a88cb1c406769b0deb552c5f53fad7e656 Add validate function to uRI.ml that checks for: - Acceptable schemes: http, https, ftp, sftp, file, ssh, git, darcs, pijul, fossil - Path traversal attacks (../, ..\ patterns) Returns Result type with specific error variants for invalid schemes and path traversal attempts. All 17 tests pass. 
Add validate function to uRI.ml that checks for:
- Acceptable schemes: http, https, ftp, sftp, file, ssh, git, darcs, pijul, fossil
- Path traversal attacks (../, ..\ patterns)

Returns Result type with specific error variants for invalid schemes
and path traversal attempts.

All 17 tests pass.
 QCheck: update naming 2026-01-02T07:51:48+00:00 ยท๐‘‘๐‘ด๐‘•๐‘‘๐‘ฉ๐‘ค 2026-01-02T07:51:48+00:00 9fe41916f5fed253052ae287b1ee29793057d50e 






add URI module
2025-12-11T20:48:32+00:00

ยท๐‘‘๐‘ด๐‘•๐‘‘๐‘ฉ๐‘ค

2025-12-11T20:48:32+00:00

0d7fa712f20bc02d20153e78704f59c89f8a5361