New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP multipart request with filename containing ";" causes exception #3326
Comments
@dittos I confirm.
|
@dittos could you propose a fix and a test case associated as you did already ? |
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';'. See issue netty#3326. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons.
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';'. See issue #3326. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons.
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';' or protected \\". See issue netty#3326 and netty#3327. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons and protected \\".
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';' or protected \\". See issue #3326 and #3327. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons and protected \\".
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';' or protected \\". See issue #3326 and #3327. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons and protected \\".
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';' or protected \\". See issue #3326 and #3327. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons and protected \\".
Motivation: HttpPostMultipartRequestDecoder threw an ArrayIndexOutOfBoundsException when trying to decode Content-Disposition header with filename containing ';' or protected \\". See issue netty#3326 and netty#3327. Modifications: Added splitMultipartHeaderValues method which cares about quotes, and use it in splitMultipartHeader method, instead of StringUtils.split. Result: Filenames can contain semicolons and protected \\".
Netty version: 3.10.0.Final
When I send HTTP request something like:
It causes the following stack trace.
Test case (add to
HttpPostRequestDecoderTest
):Although I only tested 3.x release, but it seems that also 4.x/5.0 have the same bug.
The text was updated successfully, but these errors were encountered: