[WW-4862] Default Multipart validation regex is invalid due to charset encoding - ASF JIRA

Voters

Watch issue

Watchers

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.13
Fix Version/s: 2.5.14
Component/s: Dispatch Filter
Labels:
- charset
- multipart
- regex
- struts2
Environment:

JDK8
Tomcat 8.0
Struts 2.5.13

Flags:

Important

Description

Struts 2.5.12 introduced a regex matches for multipart requests.
Struts 2.5.13 fixed ~~WW-4818~~ issue, still it does fails due to charset encoding being appended after the boundary marker (the regex does not match).

Here's the header sent in browser's request:

Content-Type: multipart/form-data; boundary=---------------------------207103069210263

And this is the header handled in Struts' Dispatcher wrapRequest() method:

multipart/form-data; boundary=---------------------------207103069210263;charset=UTF-8

The issue seems to be related to the applyEncoding _method (called in _prepare method)

Dispatcher.java

    private void applyEncoding(HttpServletRequest request, String encoding) {
        try {
            if (!encoding.equals(request.getCharacterEncoding())) {
                // if the encoding is already correctly set and the parameters have been already read
                // do not try to set encoding because it is useless and will cause an error
               request.setCharacterEncoding(encoding);
            }
        } catch (Exception e) {
            LOG.error("Error setting character encoding to '{}' - ignoring.", encoding, e);
        }
    }