class Rack::Protection::PathTraversal

def cleanup(path)
  if path.respond_to?(:encoding)
    # Ruby 1.9+ M17N
    encoding = path.encoding
    dot   = '.'.encode(encoding)
    slash = '/'.encode(encoding)
    backslash = '\\'.encode(encoding)
  else
    # Ruby 1.8
    dot   = '.'
    slash = '/'
    backslash = '\\'
  end
  parts     = []
  unescaped = path.gsub(/%2e/i, dot).gsub(/%2f/i, slash).gsub(/%5c/i, backslash)
  unescaped = unescaped.gsub(backslash, slash)
  unescaped.split(slash).each do |part|
    next if part.empty? or part == dot
    part == '..' ? parts.pop : parts << part
  end
  cleaned = slash + parts.join(slash)
  cleaned << slash if parts.any? and unescaped =~ %r{/\.{0,2}$}
  cleaned
end