[issue15564] cgi.FieldStorage should not call read_multi on files

patrick vrijlandt report at bugs.python.org
Mon Aug 6 11:31:46 CEST 2012


New submission from patrick vrijlandt:

.mht is an archive format created by Microsoft IE 8 when saving a webpage. It is essentially a mime multipart message.

My problem occurred when I uploaded such a file to a cgi-based server. The posted data would be fed to cgi.FieldStorage. (I can't post the file unfortunately)

As it turns out, cgi.FieldStorage tries to recursively parse the postdata, thereby splitting up the uploaded file; this fails. However, this (automatic) recursive behaviour seems unwanted for an uploaded file.

My proposal is thus to adapt cgi.py (line numbers for Python 3.2), so that in FieldStorage.__init__, line 542, read_multi would not be invoked in this case.

Currently it says:

    elif ctype[:10] == 'multipart/':
        self.read_multi(environ, keep_blank_values, strict_parsing)

Change this to:

    elif ctype[:10] == 'multipart/' and not self.filename:
        self.read_multi(environ, keep_blank_values, strict_parsing)

(I apologise for not submitting a test case. When trying to create it, it is either very complicated, or not easily recognizable as valid. Moreover, my server used 3rd-party software (bottlypy.org: bottle.py).)

----------
components: Library (Lib)
messages: 167548
nosy: patrick.vrijlandt
priority: normal
severity: normal
status: open
title: cgi.FieldStorage should not call read_multi on files
type: behavior
versions: Python 3.2

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue15564>
_______________________________________
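
Added example, not part of the original report and not code from cgi.py or bottle.py: a small multipart/form-data parser showing that recursing into a part that carries a filename splits the upload, while the guard proposed above keeps its bytes intact. The names split_parts and parse_form, the depth cap and the sample upload are assumptions constructed for illustration.

```python
from email.parser import BytesHeaderParser

def split_parts(body, boundary):
    """Yield (headers, payload) per part; the delimiter is CRLF + '--' + boundary."""
    for chunk in (b"\r\n" + body).split(b"\r\n--" + boundary)[1:]:
        if chunk.startswith(b"--"):          # closing delimiter "--boundary--"
            return
        head, _, payload = chunk[2:].partition(b"\r\n\r\n")
        yield BytesHeaderParser().parsebytes(head), payload

def parse_form(body, boundary, skip_files=True, parent=None, depth=0):
    """Return [(field name, filename, payload bytes)].

    skip_files=True applies the guard proposed in the report: a part that
    carries a filename is stored as opaque bytes, whatever its Content-Type.
    """
    fields = []
    for headers, payload in split_parts(body, boundary):
        name = headers.get_param("name", header="content-disposition") or parent
        filename = headers.get_filename()
        nested = headers.get_content_maintype() == "multipart"
        if nested and not (skip_files and filename):
            inner = headers.get_boundary()
            # The depth cap is an extra safeguard added for this example.
            if inner is None or depth >= 1:
                raise ValueError("refusing nested multipart part")
            fields += parse_form(payload, inner.encode(), skip_files, name, depth + 1)
        else:
            fields.append((name, filename, payload))
    return fields

# Constructed stand-in for the body of a saved .mht file (itself MIME multipart).
MHT = b"--inner\r\nContent-Type: text/html\r\n\r\n<html></html>\r\n--inner--\r\n"

# Constructed POST body: one file field holding the .mht, one plain text field.
BODY = (b"--outer\r\n"
        b'Content-Disposition: form-data; name="page"; filename="saved.mht"\r\n'
        b'Content-Type: multipart/related; boundary="inner"\r\n\r\n'
        + MHT +
        b"\r\n--outer\r\n"
        b'Content-Disposition: form-data; name="note"\r\n\r\n'
        b"hello\r\n--outer--\r\n")

if __name__ == "__main__":
    print(parse_form(BODY, b"outer", skip_files=False))  # upload split apart
    print(parse_form(BODY, b"outer"))                    # upload kept whole
```

With skip_files=False the file field comes back as its inner text/html fragment with no filename; with the guard it comes back as the exact bytes that were uploaded.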