Author: markt Date: Sat Mar 5 18:27:53 2016 New Revision: 1733751 URL: http://svn.apache.org/viewvc?rev=1733751&view=rev Log: Update filename processing after review of RFC 6266
Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationPart.java tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java
Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationPart.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationPart.java?rev=1733751&r1=1733750&r2=1733751&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/ApplicationPart.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/ApplicationPart.java Sat Mar 5 18:27:53 2016
@@ -32,6 +32,7 @@ import javax.servlet.http.Part;
 import org.apache.tomcat.util.http.fileupload.FileItem;
 import org.apache.tomcat.util.http.fileupload.ParameterParser;
 import org.apache.tomcat.util.http.fileupload.disk.DiskFileItem;
+import org.apache.tomcat.util.http.parser.HttpParser;
 /**
 * Adaptor to allow {@link FileItem} objects generated by the package renamed
@@ -139,16 +140,20 @@ public class ApplicationPart implements
 ParameterParser paramParser = new ParameterParser();
 paramParser.setLowerCaseNames(true);
 // Parameter parser can handle null input
- Map<String,String> params =
- paramParser.parse(cd, ';');
+ Map<String,String> params = paramParser.parse(cd, ';');
 if (params.containsKey("filename")) {
 fileName = params.get("filename");
+ // The parser will remove surrounding '"' but will not
+ // unquote any \x sequences.
 if (fileName != null) {
- // This is a token or a quoted-string. If it is a token,
- // there won't be any '\' characters. If it is a
- // quoted-string it can be dequoted by removing the '\'
- // characters.
- fileName = fileName.trim().replaceAll("\\\\", "");
+ // RFC 6266. This is either a token or a quoted-string
+ if (fileName.indexOf('\\') > -1) {
+ // This is a quoted-string
+ fileName = HttpParser.unquote(fileName.trim());
+ } else {
+ // This is a token
+ fileName = fileName.trim();
+ }
 } else {
 // Even if there is no value, the parameter is present,
 // so we return an empty file name rather than no file
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java?rev=1733751&r1=1733750&r2=1733751&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/http/parser/HttpParser.java Sat Mar 5 18:27:53 2016
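Review bot: The quoted-string branch in ApplicationPart.java now keeps escaped characters instead of deleting every backslash, so the file name taken from the request's `filename` parameter can contain a literal `\` or `"` after `HttpParser.unquote(...)`, and nothing in the hunk tells the caller that. The removed `replaceAll("\\\\", "")` stripped all backslashes, which incidentally kept that separator out of the result; the new behaviour follows RFC 6266 but changes what downstream code receives. I would extend the added comment with `// Client-supplied: after unquoting the name may contain '\' or '"'; callers must validate it before using it in a path.` The enclosing method starts and ends outside the hunk, so whether it already documents this cannot be seen here.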
@@ -62,12 +62,24 @@ public class HttpParser {
 }
 public static String unquote(String input) {
- if (input == null || input.length() < 2 || input.charAt(0) != '"') {
+ if (input == null || input.length() < 2) {
 return input;
 }
+ int start;
+ int end;
+
+ // Skip surrounding quotes if there are any
+ if (input.charAt(0) == '"') {
+ start = 1;
+ end = input.length() - 1;
+ } else {
+ start = 0;
+ end = input.length();
+ }
+
 StringBuilder result = new StringBuilder();
- for (int i = 1 ; i < (input.length() - 1); i++) {
+ for (int i = start ; i < end; i++) {
 char c = input.charAt(i);
 if (input.charAt(i) == '\\') {
 i++;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
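Review bot: With `start = 0; end = input.length();` for input that has no surrounding quotes, a value ending in a backslash makes `i++` advance to `end`, and if the line after `i++` reads `input.charAt(i)` (the loop body continues outside the hunk, so this is inferred) it will throw StringIndexOutOfBoundsException. The new call site in ApplicationPart passes a request-supplied file name with the quotes already removed, so this path is reachable from a multipart header. A guard right after the increment, `if (i >= end) { break; }`, would cover it; the same guard also stops the quoted case from consuming the closing quote as an escaped character. Separately, the `input.charAt(0) == '"'` test assumes the last character is the matching quote and drops it without checking.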