From b6b082dc7e969d96fa8f8fb0152af006e86a5bc8 Mon Sep 17 00:00:00 2001
From: Asad Ali <asad.ali@apimatic.io>
Date: Thu, 18 Jul 2024 12:03:12 +0500
Subject: [PATCH] refactor: fixes a security issue

---
 packages/core/src/http/requestBuilder.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/core/src/http/requestBuilder.ts b/packages/core/src/http/requestBuilder.ts
index 45d6614..316897c 100644
--- a/packages/core/src/http/requestBuilder.ts
+++ b/packages/core/src/http/requestBuilder.ts
@@ -674,9 +674,9 @@ function mergePath(left: string, right?: string): string {
     return left;
   }
   // remove all occurances of `/` (if any) from the end of left path
-  left = left.replace(new RegExp(`/+$`), '');
+  left = left.replace('/', ' ').trimEnd().replace(' ', '/');
   // remove all occurances of `/` (if any) from the start of right sub-path
-  right = right.replace(new RegExp(`^/+`), '');
+  right = right.replace('/', ' ').trimStart().replace(' ', '/');
 
   return `${left}/${right}`;
 }