From e9dc96acc222ad3c2abbb737e322dc276d48cadc Mon Sep 17 00:00:00 2001
From: Henrik Friedrichsen <henrik@affekt.org>
Date: Sun, 21 Jan 2018 19:15:25 +0100
Subject: [PATCH] ensure leading / if path component is a directory

This fixes Werkzeug-based and possibly other applications using
PATH_INFO.

CGI RFC3875[1] and PEP3333 state that PATH_INFO can be empty ("") or "/"
for application root paths, but some applications (Werkzeug/Flask)
except it to be "/". This diff ensures that.

Followup discussions:
https://github.com/reyk/httpd/issues/71
https://github.com/pallets/werkzeug/issues/1240

[1]: https://tools.ietf.org/html/rfc3875#section-4.1.5
[2]: https://www.python.org/dev/peps/pep-3333/#environ-variables
---
 httpd/httpd.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/httpd/httpd.c b/httpd/httpd.c
index 6d1d1ff..6586006 100644
--- a/httpd/httpd.c
+++ b/httpd/httpd.c
@@ -722,8 +722,12 @@ path_info(char *path)
 		*p = ch;
 
 		/* Break if the initial path component was found */
-		if (ret == 0)
+		if (ret == 0) {
+			/* ensure leading / if path component is a directory */
+			if (S_ISDIR(st.st_mode))
+				return (p - start - 1);
 			break;
+		}
 	}
 
 	return (p - start);