Handle POST data with no Content-Type properly #536

Closed
wants to merge 1 commit into
from

Projects

None yet

2 participants

@competent-hack

This commit fixes an issue with Rack where it erroneously assumes 
that a POST request with no Content-Type should be treated as 
"application/x-www-form-urlencoded" or "multipart/form-data" causing 
failures when binary data is posted.

This is related to the following Sinatra issue: 
sinatra/sinatra#514

Section 7.2.1 of the HTTP/1.1 spec
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec7.html#sec7.2.1) says:

Any HTTP/1.1 message containing an entity-body SHOULD include a
Content-Type header field defining the media type of that body.
If and only if the media type is not given by a Content-Type field,
the recipient MAY attempt to guess the media type via inspection of
its content and/or the name extension(s) of the URI used to identify
the resource. If the media type remains unknown, the recipient SHOULD
treat it as type "application/octet-stream".

Please let me know if there are any questions/concerns over the change.

-Competent Hack

@competent-hack competent-hack Handle POST data with no Content-Type properly
This commit fixes an issue with Rack where it erroneously assumes 
that a POST request with no Content-Type should be treated as 
"application/x-www-form-urlencoded" or "multipart/form-data" causing 
failures when binary data is posted.

This is related to the following Sinatra issue: 
sinatra/sinatra#514

Section 7.2.1 of the HTTP/1.1 spec 
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec7.html#sec7.2.1) says:

Any HTTP/1.1 message containing an entity-body SHOULD include a 
Content-Type header field defining the media type of that body. 
If and only if the media type is not given by a Content-Type field, 
the recipient MAY attempt to guess the media type via inspection of 
its content and/or the name extension(s) of the URI used to identify 
the resource. If the media type remains unknown, the recipient SHOULD 
treat it as type "application/octet-stream".
d8e34a8
@competent-hack

Hmmm... Seems that maybe I should have started by opening an issue instead of a pull request.

I'll take a look into fixing the relevant build issues and re-submit.

-Competent Hack

@raggi
Member
raggi commented Apr 22, 2013

Rack::Request is intended for convenience, convenience that you are removing herein. Please consider using a private subclass instead.

@raggi raggi closed this Apr 22, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment