Other notable features of gorilla/mux
We have seen two basic examples. What next? The gorilla/mux package provides many handy features that makes an API developer's life easy. It gives a lot of flexibility while creating routes. In this section, we try to discuss a few important features. The first feature of interest is generating a dynamic URL with the reverse mapping technique.
In simple words, reverse mapping a URL is getting the complete API route for an API resource. Reverse mapping is quite useful when we share links to our web application or API. However, in order to create a URL from data, we should associate a Name with the gorilla/mux route. You can name a multiplexer route, like this:
r.HandlerFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler).
Name("articleRoute")
Now, we can get a dynamically generated API route by using the url method:
url, err := r.Get("articleRoute").URL("category", "books", "id", "123")
fmt.Printf(url.Path) // prints /articles/books/123
If a route consists of the additional path parameters defined, we should pass that data as arguments to the URL method.
The next important feature of a URL router is path prefix. A path prefix is a wildcard route for matching all possible paths. It matches all the routes to the API server, post a root word. The general use case of path prefixes is a static file server. Then, when we serve files from a static folder, the API paths should match to filesystem paths to successfully return file content.
For example, if we define /static/ as a path prefix, every API route that has this root word as a prefix is routed to the handler attached.
These paths are matched:
- http://localhost:8000/static/js/jquery.min.js
- http://localhost:8000/static/index.html
- http://localhost:8000/static/some_file.extension
Using gorilla/mux's PathPrefix and StripPefix methods, we can write a static file server, like this:
r.PathPrefix("/static/").Handler(http.StripPrefix("/static/", http.FileServer(http.Dir("/tmp/static"))))
The next important feature is strict slash. A strict slash activated on a gorilla/mux router allows a URL to redirect to the same URL with / appended at the end and vice versa.
For example, let us say we have an /articles/ route that is attached to an ArticleHandler handler:
r.StrictSlash(true)
r.Path("/articles/").Handler(ArticleHandler)
In the preceding case, strict slash is set to true. The router then redirects even /articles (without '/' at the end) to the ArticleHandler. If it is set to false, the router treats both /articles/ and /articles as different paths.
The next important feature of a URL router is to match encoded path parameters. The gorilla/mux UseEncodedPath method can be called on a router to match encoded path parameters.
A server can receive encoded paths from a few clients. We can match the encoded path parameter, we can even match the encoded URL route and forward it to the given handler:
r.UseEncodedPath()
r.NewRoute().Path("/category/id")
This can match the following URL:
http://localhost:8000/books/2
As well as this:
http://localhost:8000/books%2F2
Where %2F2 stands for /2 in encoded form.
We are free to define routes for our application. Since routes are entry points to any API, developers should be careful about how they process the data received from a client. Clients can be attackers too, who can inject malicious scripts into the path or query parameters. That situation is called a security vulnerability. APIs are prone to a common application vulnerability called SQL injection. In the next section, we introduce it briefly and see possible countermeasure steps.