Message168073
I must admit my usage case is a hack, but the summary is: view a page on one computer, process it on another computer; like sending the page to a friend, with friend -> self and send -> upload.
I found one other victim in python (https://groups.google.com/d/topic/web2py/ixeUUWryZh0/discussion) but only an occasional reference to other languages; most posts relate to security issues with mht files.
My previous example only served to show that the mime-type is a necessary condition for the problem to occur; you are right that this input would be expected to throw an exception.
So I went on and created a complete testcase/example (attached). The PatchedFieldStorage class parses the mht file correctly into parts. However, the names of the parts are in "content-location" headers inside
the mht file and get lost. Also the code is ugly.
Trying to better re-use existing code like in ExperimentalFieldStorage was not succesful so far: The MIME-prologue is parsed as one of the parts, and the outerboundary is not respected, losing a dataelement "next to" the file. The print() calls show that the next line may be valuable (like a header) or not so much (like a boundary), but so far the class has no provision for look-ahead I think.
email.message_from_binary_file correctly parses my mht-files; so a completely different approach might be to more rely on that package for parsing MIME encoded data. |
|
Date |
User |
Action |
Args |
2012-08-13 09:40:14 | patrick.vrijlandt | set | recipients:
+ patrick.vrijlandt, orsenthil, v+python, r.david.murray |
2012-08-13 09:40:13 | patrick.vrijlandt | set | messageid: <1344850813.37.0.616127923048.issue15564@psf.upfronthosting.co.za> |
2012-08-13 09:40:12 | patrick.vrijlandt | link | issue15564 messages |
2012-08-13 09:40:12 | patrick.vrijlandt | create | |
|