From 4fc44671b3cad569421f4f8b775c0590b86f575e Mon Sep 17 00:00:00 2001 From: James Tucker Date: Sun, 13 May 2012 15:02:17 -0700 Subject: [PATCH] Fix parsing performance for unquoted filenames Special thanks to Paul Rogers & Eric Wong Conflicts: test/spec_multipart.rb --- lib/rack/multipart.rb | 4 ++-- test/spec_multipart.rb | 22 ++++++++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/lib/rack/multipart.rb b/lib/rack/multipart.rb index 3777106..6849248 100644 --- a/lib/rack/multipart.rb +++ b/lib/rack/multipart.rb @@ -12,7 +12,7 @@ module Multipart MULTIPART = %r|\Amultipart/.*boundary=\"?([^\";,]+)\"?|n TOKEN = /[^\s()<>,;:\\"\/\[\]?=]+/ CONDISP = /Content-Disposition:\s*#{TOKEN}\s*/i - DISPPARM = /;\s*(#{TOKEN})=("(?:\\"|[^"])*"|#{TOKEN})*/ + DISPPARM = /;\s*(#{TOKEN})=("(?:\\"|[^"])*"|#{TOKEN})/ RFC2183 = /^#{CONDISP}(#{DISPPARM})+$/i BROKEN_QUOTED = /^#{CONDISP}.*;\sfilename="(.*?)"(?:\s*$|\s*;\s*#{TOKEN}=)/i BROKEN_UNQUOTED = /^#{CONDISP}.*;\sfilename=(#{TOKEN})/i @@ -31,4 +31,4 @@ def build_multipart(params, first = true) end end -end \ No newline at end of file +end diff --git a/test/spec_multipart.rb b/test/spec_multipart.rb index 38c0d28..88729ee 100644 --- a/test/spec_multipart.rb +++ b/test/spec_multipart.rb @@ -360,4 +360,25 @@ def multipart_file(name) params.should.equal({"description"=>"Very very blue"}) end + should "parse very long unquoted multipart file names" do + data = <<-EOF +--AaB03x\r +Content-Type: text/plain\r +Content-Disposition: attachment; name=file; filename=#{'long' * 100}\r +\r +contents\r +--AaB03x--\r + EOF + + options = { + "CONTENT_TYPE" => "multipart/form-data; boundary=AaB03x", + "CONTENT_LENGTH" => data.length.to_s, + :input => StringIO.new(data) + } + env = Rack::MockRequest.env_for("/", options) + params = Rack::Utils::Multipart.parse_multipart(env) + + params["file"][:filename].should.equal('long' * 100) + end + end -- 1.7.10