Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ContentDisposition class cannot parse quoted filename with ; [SPR-16091] #20640

Closed
spring-issuemaster opened this issue Oct 20, 2017 · 2 comments

Comments

Projects
None yet
4 participants
@spring-issuemaster
Copy link
Collaborator

commented Oct 20, 2017

Szava Jeno Maczika opened SPR-16091 and commented

Trying to parse a filename containing a semicolon in the name will cause ContentDisposition class to throw

java.lang.IllegalArgumentException: Invalid content disposition format

This is due to the StringTokenizer with ";" does not ignore quoted, it's possible to solve with a negative lookahead regexp:

https://stackoverflow.com/questions/1757065/java-splitting-a-comma-separated-string-but-ignoring-commas-in-quotes

This was working for us in a similar case, but I am not sure what's the performance impact using this in spring-web.

@Test
public void parseQuotedFileNameWithSemicolon() {
     ContentDisposition disposition = ContentDisposition
               .parse("attachment; filename=\"filename with ; semicolon.txt\"");
     assertEquals(ContentDisposition.builder("attachment")
               .filename("filename with ; semicolon.txt.txt").build(), disposition);
}

Affects: 5.0 GA

Referenced from: commits 1c256a1

@tvdinh

This comment has been minimized.

Copy link

commented Jun 5, 2019

@spring-issuemaster Hi, is this change expected to be available in spring-web-5.1.6 release ? Looks like it's not... Which spring-web version can I expect this fix ? Thanks.

@sbrannen

This comment has been minimized.

Copy link
Member

commented Jun 5, 2019

This fix has been available since Spring Framework 5.0.1.

See 1c256a1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.