Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-4862

Default Multipart validation regex is invalid due to charset encoding

    XMLWordPrintableJSON

    Details

    • Flags:
      Important

      Description

      Struts 2.5.12 introduced a regex matches for multipart requests.
      Struts 2.5.13 fixed WW-4818 issue, still it does fails due to charset encoding being appended after the boundary marker (the regex does not match).

      Here's the header sent in browser's request:

      Content-Type: multipart/form-data; boundary=---------------------------207103069210263
      

      And this is the header handled in Struts' Dispatcher wrapRequest() method:

      multipart/form-data; boundary=---------------------------207103069210263;charset=UTF-8
      

      The issue seems to be related to the applyEncoding _method (called in _prepare method)

      Dispatcher.java
          private void applyEncoding(HttpServletRequest request, String encoding) {
              try {
                  if (!encoding.equals(request.getCharacterEncoding())) {
                      // if the encoding is already correctly set and the parameters have been already read
                      // do not try to set encoding because it is useless and will cause an error
                     request.setCharacterEncoding(encoding);
                  }
              } catch (Exception e) {
                  LOG.error("Error setting character encoding to '{}' - ignoring.", encoding, e);
              }
          }
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                lukaszlenart Lukasz Lenart
                Reporter:
                pperliti Paolo Perliti
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: