[
https://issues.apache.org/jira/browse/WW-4958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16817259#comment-16817259
]
ASF subversion and git services commented on WW-4958:
-----------------------------------------------------
Commit f5a77768542918fdbebdddd0249262a9d90f514d in struts's branch
refs/heads/struts-2-5-x from Yasser Zamani
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=f5a7776 ]
Merge pull request #344 from lukaszlenart/WW-4958
[WW-4958] Uses less restrictive RegEx to check if it's a multipart request
> File upload fails from certain clients
> --------------------------------------
>
> Key: WW-4958
> URL: https://issues.apache.org/jira/browse/WW-4958
> Project: Struts 2
> Issue Type: Bug
> Components: Dispatch Filter
> Affects Versions: 2.5.17
> Reporter: Tamás Faragó
> Priority: Major
> Fix For: 2.5.21, 2.6
>
>
> 2.5.11 added more validation on whether to accept file uploads. Previously
> there was only a check if the HTTP header contained "multipart/form-data",
> now there is the following regex in Dispatcher::isMultipartRequest.
>
> {quote}public static final String MULTIPART_FORM_DATA_REGEX =
> "^multipart/form-data(;
> boundary=[0-9a-zA-Z'()+_,\\-./:=?]\{1,70})?(;charset=[a-zA-Z\\-0-9]\{3,14})?";{quote}
>
> This is too restrictive, apache http client for example adds a white space
> between the semicolon and "charset" and thus all file uploads are failing
> unless this regex is overwritten in the config.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
