...
Producing canonical file names for Windows operating systems is extremely complex and beyond the scope of this standard. The best advice is to try to avoid making decisions based on a path, directory, or file name [[Howard 2002|Bibliography#Howard 2002]. Alternatively, use operating-system-based mechanisms, such as access control lists (ACLs) or other authorization techniques.
...
[Wall 2011] Cwd
[CPAN] Slaymaker, Barrie. File::PathConvert, Müller, Steffen. File::Spec
[Howard 2002] Chapter 11, "Canonical Representation Issues"
Vulnerability Note VU#764027: "zml.cgi does not adequately validate user input thereby allowing directory traversal"
Vulnerability Note VU#806091: "Mike Spice's My Calendar does not adequately validate user input"
...