Issue 12529: cgi.parse_header fails on double quotes and semicolons (original) (raw)
Created on 2011-07-10 20:56 by Ben.Darnell, last changed 2022-04-11 14:57 by admin. This issue is now closed.
| Files | |||
|---|---|---|---|
| File name | Uploaded | Description | Edit |
| issue12529.patch | petri.lehtinen,2011-07-15 18:46 | Test & fix |
| Messages (7) | ||
|---|---|---|
| msg140091 - (view) | Author: Ben Darnell (Ben.Darnell) * | Date: 2011-07-10 20:56 |
| cgi.parse_header doesn't work on headers that contain combinations of double quotes and semicolons (although it works with either type of character individually). >>> cgi.parse_header('form-data; name="files"; filename="fo\\"o;bar"') ('form-data', {'name': 'files', 'filename': '"fo\\"o'}) This issue is present in python 2.7 and 3.2. One solution is to change _parseparam as follows (same as email.message._parseparam): def _parseparam(s): while s[:1] == ';': s = s[1:] end = s.find(';') while end > 0 and (s.count('"', 0, end) - s.count('\\"', 0, end)) % 2: end = s.find(';', end + 1) if end < 0: end = len(s) f = s[:end] yield f.strip() s = s[end:] | ||
| msg140097 - (view) | Author: R. David Murray (r.david.murray) *  |
Date: 2011-07-11 02:02 |
| The email module header parser handles this correctly (if you make it a real header). For whatever that's worth :) | ||
| msg140453 - (view) | Author: Petri Lehtinen (petri.lehtinen) * |
Date: 2011-07-15 18:46 |
| Attached a patch against 2.7. It adds Ben's example as a test case, and his one-line change to the _parseparam helper function to fix the issue. | ||
| msg145919 - (view) | Author: Roundup Robot (python-dev)  |
Date: 2011-10-19 16:53 |
| New changeset 489237756488 by Senthil Kumaran in branch '2.7': Fix closes Issue12529 - cgi.parse_header failure on double quotes and http://hg.python.org/cpython/rev/489237756488 | ||
| msg145920 - (view) | Author: Roundup Robot (python-dev) |
Date: 2011-10-19 17:07 |
| New changeset f5bd78b11275 by Senthil Kumaran in branch '3.2': 3.2 - Fix closes Issue12529 - cgi.parse_header failure on double quotes and http://hg.python.org/cpython/rev/f5bd78b11275 New changeset 8564d2b240b6 by Senthil Kumaran in branch 'default': default - Fix closes Issue12529 - cgi.parse_header failure on double quotes and http://hg.python.org/cpython/rev/8564d2b240b6 | ||
| msg145921 - (view) | Author: Senthil Kumaran (orsenthil) * |
Date: 2011-10-19 17:08 |
| Thanks for the patch, Petri and Ben.Darnell. | ||
| msg146026 - (view) | Author: Roundup Robot (python-dev) |
Date: 2011-10-20 16:34 |
| New changeset cfc545e028e0 by Senthil Kumaran in branch '3.2': News entry for Issue12529 and Issue12604 http://hg.python.org/cpython/rev/cfc545e028e0 New changeset 52a4e899966c by Senthil Kumaran in branch 'default': News entry for Issue12529 and Issue12604 http://hg.python.org/cpython/rev/52a4e899966c New changeset 6f7ddbfafbb0 by Senthil Kumaran in branch '2.7': News entry for Issue12529 and Issue12604 http://hg.python.org/cpython/rev/6f7ddbfafbb0 |
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:57:19 | admin | set | github: 56738 |
| 2011-10-20 16:34:55 | python-dev | set | messages: + |
| 2011-10-19 17:08:20 | orsenthil | set | nosy: + orsenthilmessages: + |
| 2011-10-19 17:07:16 | python-dev | set | messages: + |
| 2011-10-19 16:53:09 | python-dev | set | status: open -> closednosy: + python-devmessages: + resolution: fixedstage: patch review -> resolved |
| 2011-07-15 18:46:27 | petri.lehtinen | set | files: + issue12529.patchcomponents: + Library (Lib)versions: + Python 2.7, Python 3.2keywords: + patch, needs reviewnosy: + petri.lehtinenmessages: + stage: patch review |
| 2011-07-11 02:02:20 | r.david.murray | set | nosy: + r.david.murraymessages: + |
| 2011-07-10 20:56:04 | Ben.Darnell | create |