Message 167548 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	patrick.vrijlandt
Recipients	patrick.vrijlandt
Date	2012-08-06.09:31:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1344245506.28.0.499641288303.issue15564@psf.upfronthosting.co.za>
In-reply-to

Content
.mht is an archive format created by Microsoft IE 8 when saving a webpage. It is essentially a mime multipart message. My problem occurred when I uploaded such a file to a cgi-based server. The posted data would be fed to cgi.FieldStorage. (I can't post the file unfortunately) As it turns out, cgi.FieldStorage tries to recursively parse the postdata, thereby splitting up the uploaded file; this fails. However, this (automatic) recursive behaviour seems unwanted for an uploaded file. My proposal is thus to adapt cgi.py (line number for Python 3.2), so that in FieldStorage.__init__, line 542, read_multi would not be invoked in this case. Currently it says: elif ctype[:10] == 'multipart/': self.read_multi(environ, keep_blank_values, strict_parsing) Change this to: elif ctype[:10] == 'multipart/' and not self.filename: self.read_multi(environ, keep_blank_values, strict_parsing) (I apologise for not submitting a test case. When trying to create it, it is either very complicated, or not easily recognizable as valid. Moreover, my server used a 3rd party software (bottlypy.org: bottle.py))

.mht is an archive format created by Microsoft IE 8 when saving a webpage. It is essentially a mime multipart message.

My problem occurred when I uploaded such a file to a cgi-based server. The posted data would be fed to cgi.FieldStorage. (I can't post the file unfortunately)

As it turns out, cgi.FieldStorage tries to recursively parse the postdata, thereby splitting up the uploaded file; this fails. However, this (automatic) recursive behaviour seems unwanted for an uploaded file.

My proposal is thus to adapt cgi.py (line number for Python 3.2), so that in FieldStorage.__init__, line 542, read_multi would not be invoked in this case.

Currently it says:

    elif ctype[:10] == 'multipart/':
        self.read_multi(environ, keep_blank_values, strict_parsing)

Change this to:

    elif ctype[:10] == 'multipart/' and not self.filename: 
        self.read_multi(environ, keep_blank_values, strict_parsing)

(I apologise for not submitting a test case. When trying to create it, it is either very complicated, or not easily recognizable as valid. Moreover, my server used a 3rd party software (bottlypy.org: bottle.py))

History
Date	User	Action	Args
2012-08-06 09:31:46	patrick.vrijlandt	set	recipients: + patrick.vrijlandt
2012-08-06 09:31:46	patrick.vrijlandt	set	messageid: <1344245506.28.0.499641288303.issue15564@psf.upfronthosting.co.za>
2012-08-06 09:31:45	patrick.vrijlandt	link	issue15564 messages
2012-08-06 09:31:45	patrick.vrijlandt	create