New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mime/multipart: FormDataContentType doesn't properly use quoted-string #26532

FMNSSun opened this Issue Jul 22, 2018 · 2 comments


None yet
3 participants

FMNSSun commented Jul 22, 2018

I've noticed this while digging into #26521 but afaict ParseMediaType behaves correctly according to RFC 2045 but the FormDataContentType doesn't return quoted-string. The function mentions that it formats according to Content-Type header but RFC 2616 Sect. 2.2 also excludes special characters
for use in token and must be part of a quoted-string as well.

What version of Go are you using (go version)?

go 1.10.3

Does this issue reproduce with the latest release?


What did you do?

package main

import (

func main() {
	w := multipart.NewWriter(os.Stdout)
	err := w.SetBoundary("(boundary)")
	ct := w.FormDataContentType()
	_, _, err = mime.ParseMediaType(ct)
	fmt.Println(ct, err)


What did you expect to see?

multipart/form-data; boundary="(boundary)"

What did you see instead?

multipart/form-data; boundary=(boundary)

Which according to RFC 2045 and RFC 2616 is illegal as ( belongs to special characters that are only allowed in quoted-strings.


This comment has been minimized.


agnivade commented Jul 22, 2018


This comment has been minimized.

FMNSSun commented Jul 23, 2018

Also, the boundary needs to be properly escaped when put into a quoted-string (\ is a valid boundary character as well).

@bradfitz bradfitz added this to the Go1.12 milestone Jul 23, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment