You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2016/03/04 11:43:23 UTC
[Bug 59115] New: Part#getSubmittedFileName doesn't work corretly
with double quotes in filenames.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Bug ID: 59115
Summary: Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Product: Tomcat 8
Version: 8.0.32
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P2
Component: Specification APIs
Assignee: dev@tomcat.apache.org
Reporter: lofwyr@apache.org
If using the File-Upload with Servlet 3.1 and selecting a file with name e.g.
foo"bar".jpg the method call part.getHeader("Content-Disposition") results to
e.g. form-data; name="file"; filename="foo-\"bar\".jpg".
The call of part.getSubmittedFileName() results to foo-\"bar\".jpg but should
foo-"bar".jpg because the quotes are not part of the name.
The parsing problem may also affect other functions...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Thanks for the report. The submitted file name is either a token or
quoted-string and we weren't handling the quoted-string case.
This has been fixed for 9.0.x (9.0.0.M4 onwards), 8.0.x (8.0.33 onwards) and
7.0.x (7.0.69 onwards).
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|REOPENED |RESOLVED
--- Comment #12 from Mark Thomas <ma...@apache.org> ---
So, starting with RFC7578:
Section 4.2 points to RFC2183 for the definition of the content disposition
header.
RFC2183 defines:
filename-parm := "filename" "=" value
and points to RFC2045 for value
RFC2045
value := token / quoted-string
and points to RFC822
RFC822:
quoted-string = <"> *(qtext/quoted-pair) <">
qtext = <any CHAR excepting <">,
"\" & CR, and including
linear-white-space>
And this is what Tomcat currently implements.
There are lots up updates to these RFCs around i18n values. Browsers don't seem
to be using them. We can update Tomcat if / when browsers start supporting
them.
On the grounds Tomcat is adhering to the relevant RFCs and IE is not, I am
re-resolving this issue as fixed.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Marco <ma...@lordzodiac.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |---
--- Comment #6 from Marco <ma...@lordzodiac.de> ---
This Change destroy the file upload in Internet-Explorer 11.
The "Content-Disposition" Header contains the filename with path
form-data; name="Datei"; filename="D:\temp\test.xml".
The call of part.getSubmittedFileName() return "D:temptest.xml". Befor this
change it returns "D:\temp\test.xml".
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Konstantin Kolinko <kn...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |---
Status|RESOLVED |REOPENED
--- Comment #11 from Konstantin Kolinko <kn...@gmail.com> ---
This needs further investigation.
Using RFC 6266 is an error: it defines a response header, not a request one.
Section "1. Introduction" of RFC 6266 has the following note:
Note: This document does not apply to Content-Disposition header
fields appearing in payload bodies transmitted over HTTP, such as
when using the media type "multipart/form-data" ([RFC2388]).
Links:
https://tools.ietf.org/html/rfc6266
https://tools.ietf.org/html/rfc2388 (Obsoleted by: 7578)
https://tools.ietf.org/html/rfc7578
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #9 from Marco <ma...@lordzodiac.de> ---
This option is in all Internet Explorer Version (8,9,10,11) for local and
trusted networks present. The entry name is " Include local directory path when
uploading files to a server". This entry is default enabled for trusted
networks.
I don't need this information. But when the "\" character is removed i has no
chance to extract the correct filename.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution|--- |FIXED
--- Comment #7 from Mark Thomas <ma...@apache.org> ---
IE 11 is not specification compliant. As per comment #5, you'll need to raise a
bug with Microsoft in the first instance. In the meantime, you can manually
parse the header yourself with custom rules for IE11 if you need that
information.
If Microsoft refuse to fix the bug then you should open a new enhancement
request for Tomcat to apply special handling in this case. There is no
guarantee that such an enhancement request will be implemented. The Tomcat team
generally does not implement work-arounds for bugs in third-party code.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #4 from Mark Thomas <ma...@apache.org> ---
I've fixed the initial exception.
The relevant spec here is RFC6266. I'm leaving this issue open until I have a
chance to look through that spec.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #8 from Konstantin Kolinko <kn...@gmail.com> ---
Sending full file path is a rather odd and insecure behaviour. Is this IE 11
not up-to-date, or does this behaviour depend on its security settings (e.g.
server being in trusted network)?
Some links
https://tools.ietf.org/html/rfc6266
https://tools.ietf.org/html/rfc1867
https://www.w3.org/TR/2014/REC-html5-20141028/forms.html#file-upload-state-(type=file)
http://commons.apache.org/proper/commons-fileupload/
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #13 from Masahiro YAMADA <ma...@gmail.com> ---
I sent this problem to Microsoft.
https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/9440110/
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Udo Schnurpfeil <lo...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |---
Status|RESOLVED |REOPENED
--- Comment #2 from Udo Schnurpfeil <lo...@apache.org> ---
Thanks for the quick response. I've just testet it with 8.0/trunk but it there
was an Exception:
The replaceAll need a regexp, and so the quoted backslash needs to be quoted
again:
replaceAll("\\\\", "") instead of replaceAll("\\", "")
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |csutherl@redhat.com
--- Comment #14 from Mark Thomas <ma...@apache.org> ---
*** Bug 60371 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|REOPENED |RESOLVED
--- Comment #5 from Mark Thomas <ma...@apache.org> ---
This has been fixed so Tomcat follows RFC 6266.
If some UAs do strange things outside of RFC 6266 then bugs need to be raised
with those browsers in the first instance.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |s05marti@blm.gov
--- Comment #10 from Mark Thomas <ma...@apache.org> ---
*** Bug 59891 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #15 from Michael Osipov <19...@gmx.net> ---
Not surpringly, Microsoft closed as wontfix.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 59115] Part#getSubmittedFileName doesn't work corretly with
double quotes in filenames.
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59115
--- Comment #3 from Udo Schnurpfeil <lo...@apache.org> ---
I've made some tests with different browsers and I found these encodings in the
filename part:
(filename) -> (content-disposition)
: -> :
/ -> :
\ -> \
\\ -> \
" -> \" (Firefox) and %22 (Chrome+Safari)
%22 -> %22
This leads to 3 problems:
1. The resulting string : doesn't differ between : and / so there is not
possibility to know what was the source.
2. The resulting string \ doesn't differ between \\ and \ so there is also not
possibility to find the source.
3. In Chrome+Safari we cannot differ between " and %22
I know these character are unusual, but not invalid on some OS.
For the moment I have best results with this code:
fileName = fileName.trim().replaceAll("\\\\\\\"", "\""); // replaces \" with "
I don't know which RFC is relevant here? But it looks for me, that we have
different file names
resulting in same header information.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org