net/http: invalid RAR sniff signature from the MIME Sniff spec #30926

odeke-em · 2019-03-19T14:23:45Z

I am coming here from CL https://go-review.googlesource.com/c/go/+/167781 created by @Gnouc's vigilance.

In particular it uses a wrong character for the 4th byte i.e.
0x20 " " for both RAR v5 and RAR v4 instead of 0x21 "!"

as per

Lines 188 to 189 in faa7fa0

    
           &exactSig{[]byte("Rar \x1A\x07\x00"), "application/x-rar-compressed"},     // RAR v1.5-v4.0 
        
           &exactSig{[]byte("Rar \x1A\x07\x01\x00"), "application/x-rar-compressed"}, // RAR v5+

The sniff signature that we got from the MIME sniff spec is wrong and that's acknowledged at
whatwg/mimesniff#63
but also the official RAR Labs website shows the correct signature as
https://www.rarlab.com/technote.htm#rarsign

gopherbot · 2019-03-19T15:02:59Z

Change https://golang.org/cl/167781 mentions this issue: net/http: fix wrong mime rar signature

odeke-em added this to the Go1.13 milestone Mar 19, 2019

gopherbot closed this in 349e7df Mar 19, 2019

golang locked and limited conversation to collaborators Mar 18, 2020

gopherbot added the FrozenDueToAge label Mar 18, 2020

golang / go

net/http: invalid RAR sniff signature from the MIME Sniff spec #30926

net/http: invalid RAR sniff signature from the MIME Sniff spec #30926

odeke-em commented Mar 19, 2019

gopherbot commented Mar 19, 2019

golang / go

net/http: invalid RAR sniff signature from the MIME Sniff spec #30926

net/http: invalid RAR sniff signature from the MIME Sniff spec #30926

Comments

odeke-em commented Mar 19, 2019

gopherbot commented Mar 19, 2019