From: Joshua Peek <josh@joshpeek.com>
To: rack-devel@googlegroups.com
Subject: Re: Ad. Improve multipart parsing support for UAs that don't correctly escape Content-Disposition filenames.
Date: Thu, 21 Jan 2010 08:07:59 -0600 [thread overview]
Message-ID: <1c5622661001210607j2bd60f7ct92e7daeca4393cad@mail.gmail.com> (raw)
In-Reply-To: <e064621a1001210454j4b59eec2w63ddaf40f4819fb9@mail.gmail.com>
On Thu, Jan 21, 2010 at 6:54 AM, Christian Neukirchen
<chneukirchen@gmail.com> wrote:
> http://github.com/rack/rack/commit/a36ac970fd682f07c3e57756542791679f5fcf84
>
> We spell quotes as quotes, right?
lol, i spelled it right half the time. Will fix.
> Also I think test/multipart/filename_with_unescaped_qoutes will likely
> break correct behavior, but I can't show that atm.
Its common for users to upload files like: My "Report".txt which is
failing on Rails 2.3 forward. We're going run this new parser on some
exceptions we've been getting related to file uploads to make sure it
covers most of those cases and doesn't break anything that we expected
to work before.
The intent is to have it parse filename according to the rfc if not
fallback and try to guess whats broken. The first pass looks for
correctly formatted value and extracts it according to rfc 2183. If it
doesn't match and has unescaped quotes that will fail and it will try
to parse it more liberally.
I worked on this with the help of Sam Ruby who is part of the W3C
html5 working group.
All multipart parser changes need to have tests going forward:
* http://github.com/rack/rack/commit/337b758bfecc16d1401c336fb38684296dc280db
* http://github.com/rack/rack/commit/6674f3652ed19136802a0b84f1923f0b78052442
We should consider doing a 1.1.1 soon.
--
Joshua Peek
prev parent reply other threads:[~2010-01-21 14:08 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-21 12:54 Ad. Improve multipart parsing support for UAs that don't correctly escape Content-Disposition filenames Christian Neukirchen
2010-01-21 14:07 ` Joshua Peek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://groups.google.com/group/rack-devel
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1c5622661001210607j2bd60f7ct92e7daeca4393cad@mail.gmail.com \
--to=rack-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).