Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mojo::Content does not accept multipart/form-data boundary "*****" #407

Closed
eduardoj opened this issue Oct 30, 2012 · 3 comments
Closed

Mojo::Content does not accept multipart/form-data boundary "*****" #407

eduardoj opened this issue Oct 30, 2012 · 3 comments

Comments

@eduardoj
Copy link

Hi!

According to RFC1341 [ http://www.w3.org/Protocols/rfc1341/7_2_Multipart.html ] :

The only mandatory parameter for the multipart Content-Type is the boundary parameter, which consists of 1 to 70 characters from a set of characters known to be very robust through email gateways, and NOT ending with white space. (If a boundary appears to end with white space, the white space must be presumed to have been added by a gateway, and should be deleted.) It is formally specified by the following BNF:

boundary := 0*69 bcharsnospace

bchars := bcharsnospace / " "

bcharsnospace := DIGIT / ALPHA / "'" / "(" / ")" / "+" /
"_"
/ "," / "-" / "." / "/" / ":" / "=" / "?"

Mojo has this, in Mojo::Content.pm :

sub boundary {
my $type = shift->headers->content_type || '';
$type =~ m!multipart.boundary="([a-zA-Z0-9'(),.:?-_+/]+)!i and return $1;
return undef;
}

It's correct. But some browsers send the boundary "*****". Asterisk are sent.

CGI.pm has this code:

my($boundary) = $ENV{'CONTENT_TYPE'} =~ /boundary="?([^\";,]+)"?/;

When CGI.pm is used for reading the browser request there isn't any problems. Parameters are read.

When Mojo::Content.pm is used it returns a Mojo::Content::Single object.

What do you think about change the Mojo::Content.pm regex as the one in CGI.pm?
@kraih
Copy link
Member

kraih commented Oct 30, 2012

RFC 2616 points at RFC 2046, not RFC 1341. Why are you talking so much about whitespace removal when it is not even part of your proposal? Which browers send "*****" as a boundary? Do you have an actual example for a complete multipart HTTP message we can use in a unit test? No, i do not think we should just use the regex from CGI.pm, it is obviously incorrect.

@kraih
Copy link
Member

kraih commented Oct 31, 2012

Closing this issue for now, will reopen if we get new information.

@kraih kraih closed this as completed Oct 31, 2012
@eduardoj
Copy link
Author

eduardoj commented Nov 2, 2012

Hi!

The browser that sends "*****" is an android application made with phonegap. Phonegap has been fixed a month ago:

https://github.com/apache/incubator-cordova-android/commit/3d627446019bce3cf7c2c9b134d2664a014ebe94

I will update phonegap.

Thank you for your time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@eduardoj @kraih