[
https://issues.apache.org/jira/browse/WW-4958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16817257#comment-16817257
]
ASF subversion and git services commented on WW-4958:
-----------------------------------------------------
Commit f45d2752bb089ade2e41320b81283cbc8aa78259 in struts's branch
refs/heads/struts-2-5-x from Lukasz Lenart
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=f45d275 ]
WW-4958 Uses less restrictive Regex to check if it's a multipart request
> File upload fails from certain clients
> --------------------------------------
>
> Key: WW-4958
> URL: https://issues.apache.org/jira/browse/WW-4958
> Project: Struts 2
> Issue Type: Bug
> Components: Dispatch Filter
> Affects Versions: 2.5.17
> Reporter: Tamás Faragó
> Priority: Major
> Fix For: 2.5.21, 2.6
>
>
> 2.5.11 added more validation on whether to accept file uploads. Previously
> there was only a check if the HTTP header contained "multipart/form-data",
> now there is the following regex in Dispatcher::isMultipartRequest.
>
> {quote}public static final String MULTIPART_FORM_DATA_REGEX =
> "^multipart/form-data(;
> boundary=[0-9a-zA-Z'()+_,\\-./:=?]\{1,70})?(;charset=[a-zA-Z\\-0-9]\{3,14})?";{quote}
>
> This is too restrictive, apache http client for example adds a white space
> between the semicolon and "charset" and thus all file uploads are failing
> unless this regex is overwritten in the config.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
