# GoLang HTTP CONNECT Method

{{#include ../../banners/hacktricks-training.md}}

## CONNECT method

In the Go programming language, a common practice when handling HTTP requests, specifically using the `net/http` library, is the automatic conversion of the request path into a standardized format. This process involves:

- Paths ending with a slash (`/`) like `/flag/` are redirected to their non-slash counterpart, `/flag`.
- Paths containing directory traversal sequences such as `/../flag` are simplified and redirected to `/flag`.
- Paths with a trailing period as in `/flag/.` are also redirected to the clean path `/flag`.

However, an exception is observed with the use of the `CONNECT` method. Unlike other HTTP methods, `CONNECT` does not trigger the path normalization process. This behavior opens a potential avenue for accessing protected resources. By employing the `CONNECT` method alongside the `--path-as-is` option in `curl`, one can bypass the standard path normalization and potentially reach restricted areas.

The following command demonstrates how to exploit this behavior:

```bash
curl --path-as-is -X CONNECT http://gofs.web.jctf.pro/../flag
```

[https://github.com/golang/go/blob/9bb97ea047890e900dae04202a231685492c4b18/src/net/http/server.go\#L2354-L2364](https://github.com/golang/go/blob/9bb97ea047890e900dae04202a231685492c4b18/src/net/http/server.go#L2354-L2364)

{{#include ../../banners/hacktricks-training.md}}