You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to RFC1341 [ http://www.w3.org/Protocols/rfc1341/7_2_Multipart.html ] :
The only mandatory parameter for the multipart Content-Type is the boundary parameter, which consists of 1 to 70 characters from a set of characters known to be very robust through email gateways, and NOT ending with white space. (If a boundary appears to end with white space, the white space must be presumed to have been added by a gateway, and should be deleted.) It is formally specified by the following BNF:
RFC 2616 points at RFC 2046, not RFC 1341. Why are you talking so much about whitespace removal when it is not even part of your proposal? Which browers send "*****" as a boundary? Do you have an actual example for a complete multipart HTTP message we can use in a unit test? No, i do not think we should just use the regex from CGI.pm, it is obviously incorrect.
Hi!
According to RFC1341 [ http://www.w3.org/Protocols/rfc1341/7_2_Multipart.html ] :
The only mandatory parameter for the multipart Content-Type is the boundary parameter, which consists of 1 to 70 characters from a set of characters known to be very robust through email gateways, and NOT ending with white space. (If a boundary appears to end with white space, the white space must be presumed to have been added by a gateway, and should be deleted.) It is formally specified by the following BNF:boundary := 0*69 bcharsnospace
bchars := bcharsnospace / " "
bcharsnospace := DIGIT / ALPHA / "'" / "(" / ")" / "+" /
"_"
/ "," / "-" / "." / "/" / ":" / "=" / "?"
Mojo has this, in Mojo::Content.pm :
sub boundary {
my $type = shift->headers->content_type || '';
$type =~ m!multipart.boundary="([a-zA-Z0-9'(),.:?-_+/]+)!i and return $1;
return undef;
}
It's correct. But some browsers send the boundary "*****". Asterisk are sent.
CGI.pm has this code:
my($boundary) = $ENV{'CONTENT_TYPE'} =~ /boundary="?([^\";,]+)"?/;
When CGI.pm is used for reading the browser request there isn't any problems. Parameters are read.
When Mojo::Content.pm is used it returns a Mojo::Content::Single object.
What do you think about change the Mojo::Content.pm regex as the one in CGI.pm?
The text was updated successfully, but these errors were encountered: