From f8a37df06ea2c56e552e6edb086ea1a5d0f2e258 Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Fri, 22 Jan 2016 10:13:49 -0500
Subject: [PATCH] Add some commenting

---
 vault/core.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/vault/core.go b/vault/core.go
index 115786ff4d..a904c46580 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -436,6 +436,12 @@ func (c *Core) HandleRequest(req *logical.Request) (resp *logical.Response, err
 		return nil, ErrStandby
 	}
 
+	// Allowing writing to a path ending in / makes it extremely difficult to
+	// understand user intent for the filesystem-like backends (generic,
+	// cubbyhole) -- did they want a key named foo/ or did they want to write
+	// to a directory foo/ with no (or forgotten) key, or...? It also affects
+	// lookup, because paths ending in / are considered prefixes by some
+	// backends. Basically, it's all just terrible, so don't allow it.
 	if strings.HasSuffix(req.Path, "/") &&
 		(req.Operation == logical.UpdateOperation ||
 			req.Operation == logical.CreateOperation) {