Sanic static directory fails when folder name ends with ".."

[ekzhang]

Describe the bug

When serving a static file named a../b.txt with app.static(), the Sanic request handler gives a 400 status code instead of 200.

Code snippet

First file is called main.py.

from sanic import Sanic

app = Sanic(name="sanic_test")

app.static('/static', './static_files')

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=8000)

Then, make the file in question:

mkdir -p static_files/a../
cat "hello world" > static_files/a../b.txt

And run the server with python main.py, followed by a GET request.

$ curl http://localhost:8000/static/a../b.txt
⚠️ 400 — Bad Request
====================
Invalid URL

Expected behavior

The app.static() handler should serve the b.txt file with a 200 response code.

Environment (please complete the following information):

• OS: macOS and Linux
• Version 22.3.0

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If this is incorrect, please respond with an update. Thank you for your contributions.

[ChihweiLHBird]

This has been solved in the previous PRs. Feel free to reopen if there is still an issue.

Tested and is no longer reproducible.