Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-4958

File upload fails from certain clients

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.5.17
    • 2.5.22, 6.0.0
    • Dispatch Filter
    • None

    Description

      2.5.11 added more validation on whether to accept file uploads. Previously there was only a check if the HTTP header contained "multipart/form-data", now there is the following regex in Dispatcher::isMultipartRequest.

       

      public static final String MULTIPART_FORM_DATA_REGEX = "^multipart/form-data(; boundary=[0-9a-zA-Z'()+_,\\-./:=?]{1,70})?(;charset=[a-zA-Z\\-0-9]{3,14})?";

       

      This is too restrictive, apache http client for example adds a white space between the semicolon and "charset" and thus all file uploads are failing unless this regex is overwritten in the config. 

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. WW-5176 multipart/form-data parameters are not processed when charset is placed before boundary in Content-Type header

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #344

          Web Link GitHub Pull Request #350

          Activity

            People

              lukaszlenart Lukasz Lenart
              tompom Tamás Faragó
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: