Is it necessary to SanitizeFilename()?

[pavantc]

I am trying to use dataplaneapi to manage haproxy config. During a recent exercise, there was a case where dealing with filenames with certain characters (+ and . other than the one for file extension) hit some unexpected errors. The issue boiled down to the fact that client-native sanitizes the filename.

Is it necessary to sanitize it? I tried looking at the git history but couldn't find much on why the change was introduced.

Any inputs here would be appreciated! Thank you!

[robschn]

Adding the calls:

❯ curl --user admin:$DAPI_PASS https://proxy.example/dapi/api/v3/services/haproxy/storage/ssl_certificates/api.crt+key.ecdsa
{"code":404,"message":"missing object: file api_crt_key.ecdsa doesn't exist in dir: /data/haproxy/api/ssl"}

So api.crt+.key.ecdsa is being called as api_crt_key.ecdsa swapping the + for _. We confirmed that this behavior is coming from the SanitizeFilename

❯ curl --user admin:$DAPI_PASS https://proxy.example/dapi/api/v3/services/haproxy/storage/ssl_certificates | jq
[
  {
    "description": "managed SSL file",
    "file": "/data/haproxy/api/ssl/api.crt+key.ecdsa",
    "storage_name": "api.crt+key.ecdsa"
  },
  {
    "description": "managed SSL file",
    "file": "/data/haproxy/api/ssl/api.crt+key.rsa",
    "storage_name": "api.crt+key.rsa"
  }
]