It's not a huge problem, it's not very prominent. No way to delete posts at present, they can be downvoted/flagged, but I think with the caveats above attached it's fine, it might even do some good as this pattern has spread to a lot of places, and it's good for people to be aware not to trust user input.
Yes, there is a function in the stdlib to do just this, so better to use that. In particular, I wouldn't do this: path := r.URL.Path[1:] - taking the path from user input without cleaning it at all is a bit dangerous, I think they have guards now in http.FileServer, but I would clean it as soon as you use it to prevent directory traversal, whatever method you're using. So I think the link you have provided is a far better starting point.
I tend not to downvote links like this though which are well-meaning but a little flawed, so have just left it at 1 - would rather keep downvotes for actual bad behaviour and spam.