Bug #48190 Content-type parameter "boundary" is not case-insensitive in HTTP uploads
Submitted: 2009-05-08 13:46 UTC Modified: 2009-12-29 15:58 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: carsten_sttgt at gmx dot de Assigned: garretts (profile)
Status: Closed Package: HTTP related
PHP Version: 5.*, 6 OS: *
Private report: No CVE-ID: None

 [2009-05-08 13:46 UTC] carsten_sttgt at gmx dot de
Description:
------------
Hello,

PHP does not work correctly with POST requests and a Content-Type of MULTIPART/form-data, if the parameter name "BOUNDARY" is in uppercase.

According to RFC2045, matching of media type, subtype and parameter (attributes) is always case-insensitive.

(Only the value of the BOUNDARY parameter is compared case-sensitively.)

Tested on Windows with 5.2-dev, 5.3-dev and 6.0-dev. CGI and Apache module.

Regards,
Carsten



Reproduce code:
---------------
Put this textfile in your PHP directory:
**************** test.txt ******************
--250-16659-1241787336=:9320
Content-Type: TEXT/plain; CHARSET=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-Disposition: form-data; name=nick

php-faq
--250-16659-1241787336=:9320
Content-Type: TEXT/plain; CHARSET=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-Disposition: form-data; name=desc

post demo script
--250-16659-1241787336=:9320--
********************************************

Put this phpfile in your PHP directory:
**************** test.php ******************
<?php
var_dump($_POST);
?>
********************************************

Open a command prompt, go to your PHP dir and execute:
# set REQUEST_METHOD=POST
# set REDIRECT_STATUS=1
# set SCRIPT_FILENAME=test.php
# set CONTENT_LENGTH=391
# set CONTENT_TYPE=MULTIPART/form-data; BOUNDARY="250-16659-1241787336=:9320"
# type test.txt | php-cgi.exe

If you set CONTENT_TYPE in this way, you have the correct result:
# set CONTENT_TYPE=MULTIPART/form-data; boundary="250-16659-1241787336=:9320"

Regards,
Carsten

BTW:
e.g. the IMAP-Module from PHP is using/generating BOUNDARY in uppercase.


Expected result:
----------------
Content-type: text/html

array(2) {
  ["nick"]=>
  string(7) "php-faq"
  ["desc"]=>
  string(16) "post demo script"
}


Actual result:
--------------
Content-type: text/html

<br />
<b>Warning</b>:  Missing boundary in multipart/form-data POST data in <b>Unknown
</b> on line <b>0</b><br />
array(0) {
}


 [2009-05-08 21:41 UTC] carsten_sttgt at gmx dot de
In my first post I have referred to RFC2045, but RFC2616 is also very clear about this [1]:
| The type, subtype, and parameter attribute names are
| case-insensitive. Parameter values might or might
| not be case-sensitive, depending on the semantics
| of the parameter name.

type = MULTIPART
subtype = form-data
parameter attribute name = BOUNDARY
parameter value = 250-16659-1241787336=:9320

[1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
 [2009-05-08 22:05 UTC] jani@php.net
Just curious, but what client actually uses uppercase/mixed case 
"boundary" parameter name? (and 
 [2009-05-08 23:23 UTC] carsten_sttgt at gmx dot de
> Just curious, but what client actually uses
> uppercase/mixed case "boundary" parameter name?

I'm using imap_mail_compose() to build the 'header' and 'content' keys in the stream_context_create() options array. And then using this context with e.g. file_get_contents() to make the POST request.

BTW: The above example is an HTTP POST request without a file upload.
 [2009-05-09 04:08 UTC] jani@php.net
Yes, I know it's not an upload per se, but the code that handles it is one
that most of the time takes care of file uploads. :)

Problem is in rfc1867.c:804, strstr() should be replaced with something 
that does the same but case-insensitively.
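
An added example (not PHP's rfc1867.c code and not the committed fix) of the lookup discussed in this report: the parameter name is matched without regard to case while the boundary value is copied byte for byte. `get_boundary` is a hypothetical helper that assumes POSIX `strncasecmp` and ignores backslash escapes inside quoted values; it goes one step beyond a case-insensitive `strstr()` by walking the header parameter by parameter, so the text `boundary=` inside another parameter's quoted value is not mistaken for the parameter itself.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

/* Hypothetical helper: copy the value of the "boundary" parameter of a
 * Content-Type header value into out. The name is matched case-insensitively;
 * the value is copied unchanged. Returns 0 if found, -1 otherwise. */
int get_boundary(const char *ct, char *out, size_t outlen)
{
    const char *p = strchr(ct, ';');            /* skip type/subtype */
    while (p != NULL && *p != '\0') {
        p++;                                    /* step over ';' */
        while (isspace((unsigned char)*p)) p++;
        const char *name = p;
        while (*p && *p != '=' && *p != ';') p++;
        size_t nlen = (size_t)(p - name);
        while (nlen > 0 && isspace((unsigned char)name[nlen - 1])) nlen--;
        if (*p != '=') continue;                /* no value: p is at ';' or NUL */
        p++;
        int quoted = (*p == '"');
        if (quoted) p++;
        const char *val = p;
        while (*p && (quoted ? *p != '"' : (*p != ';' && !isspace((unsigned char)*p))))
            p++;
        size_t vlen = (size_t)(p - val);
        if (nlen == 8 && strncasecmp(name, "boundary", 8) == 0) {
            if (vlen == 0 || vlen >= outlen) return -1;
            memcpy(out, val, vlen);
            out[vlen] = '\0';
            return 0;
        }
        p = strchr(p, ';');                     /* next parameter, if any */
    }
    return -1;
}

int main(void)
{
    /* Header value taken from the report's reproduce steps. */
    const char *ct = "MULTIPART/form-data; BOUNDARY=\"250-16659-1241787336=:9320\"";
    char b[128];
    if (get_boundary(ct, b, sizeof b) == 0)
        printf("boundary: %s\n", b);
    return 0;
}
```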
 [2009-10-07 22:28 UTC] garretts@php.net
I'm testing a fix I've built for this right now.


 [2009-11-30 20:03 UTC] jani@php.net
So, where's the fix?
 [2009-12-29 15:57 UTC] svn@php.net
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&revision=292762
Log: Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive in HTTP uploads).
 [2009-12-29 15:58 UTC] iliaa@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2010-01-25 23:26 UTC] svn@php.net
Automatic comment from SVN on behalf of johannes
Revision: http://svn.php.net/viewvc/?view=revision&revision=294031
Log: Merge rfc1867.c changes

r292762 - Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive in HTTP uploads). (iliaa)
r292771 - WS + CS + folding tags (jani)
r292777 - Sync with HEAD (jani)
 
Last updated: Thu Nov 21 10:01:29 2024 UTC