cgi.FieldStorage.read_multi ignores Content-Length
Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length header in part headers. Patch written by Peter Landry and reviewed by Pierre Quentel.
This commit is contained in:
parent
2053aa1193
commit
6579459d4b
|
@ -714,6 +714,11 @@ class FieldStorage:
|
||||||
self.bytes_read += len(hdr_text)
|
self.bytes_read += len(hdr_text)
|
||||||
parser.feed(hdr_text.decode(self.encoding, self.errors))
|
parser.feed(hdr_text.decode(self.encoding, self.errors))
|
||||||
headers = parser.close()
|
headers = parser.close()
|
||||||
|
|
||||||
|
# Some clients add Content-Length for part headers, ignore them
|
||||||
|
if 'content-length' in headers:
|
||||||
|
del headers['content-length']
|
||||||
|
|
||||||
part = klass(self.fp, headers, ib, environ, keep_blank_values,
|
part = klass(self.fp, headers, ib, environ, keep_blank_values,
|
||||||
strict_parsing,self.limit-self.bytes_read,
|
strict_parsing,self.limit-self.bytes_read,
|
||||||
self.encoding, self.errors)
|
self.encoding, self.errors)
|
||||||
|
|
|
@ -326,6 +326,25 @@ Content-Type: text/plain
|
||||||
got = getattr(files[x], k)
|
got = getattr(files[x], k)
|
||||||
self.assertEqual(got, exp)
|
self.assertEqual(got, exp)
|
||||||
|
|
||||||
|
def test_fieldstorage_part_content_length(self):
|
||||||
|
BOUNDARY = "JfISa01"
|
||||||
|
POSTDATA = """--JfISa01
|
||||||
|
Content-Disposition: form-data; name="submit-name"
|
||||||
|
Content-Length: 5
|
||||||
|
|
||||||
|
Larry
|
||||||
|
--JfISa01"""
|
||||||
|
env = {
|
||||||
|
'REQUEST_METHOD': 'POST',
|
||||||
|
'CONTENT_TYPE': 'multipart/form-data; boundary={}'.format(BOUNDARY),
|
||||||
|
'CONTENT_LENGTH': str(len(POSTDATA))}
|
||||||
|
fp = BytesIO(POSTDATA.encode('latin-1'))
|
||||||
|
fs = cgi.FieldStorage(fp, environ=env, encoding="latin-1")
|
||||||
|
self.assertEqual(len(fs.list), 1)
|
||||||
|
self.assertEqual(fs.list[0].name, 'submit-name')
|
||||||
|
self.assertEqual(fs.list[0].value, 'Larry')
|
||||||
|
|
||||||
|
|
||||||
_qs_result = {
|
_qs_result = {
|
||||||
'key1': 'value1',
|
'key1': 'value1',
|
||||||
'key2': ['value2x', 'value2y'],
|
'key2': ['value2x', 'value2y'],
|
||||||
|
|
|
@ -773,6 +773,7 @@ Thomas Lamb
|
||||||
Valerie Lambert
|
Valerie Lambert
|
||||||
Jean-Baptiste "Jiba" Lamy
|
Jean-Baptiste "Jiba" Lamy
|
||||||
Ronan Lamy
|
Ronan Lamy
|
||||||
|
Peter Landry
|
||||||
Torsten Landschoff
|
Torsten Landschoff
|
||||||
Łukasz Langa
|
Łukasz Langa
|
||||||
Tino Lange
|
Tino Lange
|
||||||
|
|
|
@ -75,6 +75,10 @@ Core and Builtins
|
||||||
Library
|
Library
|
||||||
-------
|
-------
|
||||||
|
|
||||||
|
- Issue #24764: cgi.FieldStorage.read_multi() now ignores the Content-Length
|
||||||
|
header in part headers. Patch written by Peter Landry and reviewed by Pierre
|
||||||
|
Quentel.
|
||||||
|
|
||||||
- Issue #24774: Fix docstring in http.server.test. Patch from Chiu-Hsiang Hsu.
|
- Issue #24774: Fix docstring in http.server.test. Patch from Chiu-Hsiang Hsu.
|
||||||
|
|
||||||
- Issue #21159: Improve message in configparser.InterpolationMissingOptionError.
|
- Issue #21159: Improve message in configparser.InterpolationMissingOptionError.
|
||||||
|
|
Loading…
Reference in New Issue