Author adr26
Date 2005-11-27.17:47:58
SpamBayes Score
Marked as misclassified
I have a simple form in HTML to upload a file:

<form action="http://foo/cgi-bin/" 
enctype="multipart/form-data" method="post">
Please specify a file:<br>
<input type="file" name="file_1" size="40">
<input type="submit" value="Send">

I use this to post to a CGI python script that looks 
like this:

import cgi
import cgitb; cgitb.enable()

cgi.maxlen = 50

print "Content-type: text/plain"

q = cgi.parse()
print q

I was expecting that would then throw an 
exception if I send a file > 50 bytes long to it. If 
I construct a FieldStorage object, it certainly

form = cgi.FieldStorage()
print form

The issue is that in parse_multipart() in, if 
a part of a multi-part message does not have the 
Content-Length header, you read lines until you
get to the next boundary "--...", but don't honour 
maxlen whilst doing so. I'd consider this to be a bug 
and would even be happy to have a go at fixing
it as my first contribution to Python, should others 
concur with me... :-)
Date User Action Args
2007-08-23 14:36:23adminlinkissue1367631 messages
2007-08-23 14:36:23admincreate