Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.5.17
-
None
Description
2.5.11 added more validation on whether to accept file uploads. Previously there was only a check if the HTTP header contained "multipart/form-data", now there is the following regex in Dispatcher::isMultipartRequest.
public static final String MULTIPART_FORM_DATA_REGEX = "^multipart/form-data(; boundary=[0-9a-zA-Z'()+_,\\-./:=?]{1,70})?(;charset=[a-zA-Z\\-0-9]{3,14})?";
This is too restrictive, apache http client for example adds a white space between the semicolon and "charset" and thus all file uploads are failing unless this regex is overwritten in the config.
Attachments
Issue Links
- relates to
-
WW-5176 multipart/form-data parameters are not processed when charset is placed before boundary in Content-Type header
- Closed
- links to