Update Crashpad to f487da4ff2c47a129e2f8f3a7e0c769b54e4585f

third_party/crashpad/crashpad/util/net/http_multipart_builder.cc

 // Copyright 2014 The Crashpad Authors. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ skipping 22 matching lines @@
 
 const char kBoundaryCRLF[] = "\r\n\r\n";
 
 // Generates a random string suitable for use as a multipart boundary.
 std::string GenerateBoundaryString() {
   // RFC 2046 §5.1.1 says that the boundary string may be 1 to 70 characters
   // long, choosing from the set of alphanumeric characters along with
   // characters from the set “'()+_,-./:=? ”, and not ending in a space.
   // However, some servers have been observed as dealing poorly with certain
   // nonalphanumeric characters. See
-  // blink/Source/platform/network/FormDataBuilder.cpp
-  // blink::FormDataBuilder::generateUniqueBoundaryString().
+  // blink/Source/platform/network/FormDataEncoder.cpp
+  // blink::FormDataEncoder::GenerateUniqueBoundaryString().
   //
   // This implementation produces a 56-character string with over 190 bits of
   // randomness (62^32 > 2^190).
   std::string boundary_string = "---MultipartBoundary-";
   for (int index = 0; index < 32; ++index) {
     const char kCharacters[] =
         "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
     int random_value =
         base::RandInt(0, static_cast<int>(strlen(kCharacters)) - 1);
     boundary_string += kCharacters[random_value];
   }
   boundary_string += "---";
   return boundary_string;
 }
 
 // Escapes the specified name to be suitable for the name field of a
 // form-data part.
 std::string EncodeMIMEField(const std::string& name) {
-  // RFC 2388 §3 says to encode non-ASCII field names according to RFC 2047, but
-  // no browsers implement that behavior. Instead, they send field names in the
-  // page hosting the form’s encoding. However, some form of escaping is needed.
   // This URL-escapes the quote character and newline characters, per Blink. See
-  // blink/Source/platform/network/FormDataBuilder.cpp
-  // blink::appendQuotedString().
-  //
-  // TODO(mark): This encoding is not necessarily correct, and the same code in
-  // Blink is marked with a FIXME. Blink does not escape the '%' character,
-  // that’s a local addition, but it seems appropriate to be able to decode the
-  // string properly.
+  // blink/Source/platform/network/FormDataEncoder.cpp
+  // blink::AppendQuotedString(). %-encoding is endorsed by RFC 7578 §2, with
+  // approval for otherwise unencoded UTF-8 given by RFC 7578 §5.1. Blink does
+  // not escape the '%' character, but it seems appropriate to do so in order to
+  // be able to decode the string properly.
   std::string encoded;
   for (char character : name) {
     switch (character) {
       case '\r':
       case '\n':
       case '"':
       case '%':
         encoded += base::StringPrintf("%%%02x", character);
         break;
       default:
@@ skipping 126 matching lines @@
   auto data_it = form_data_.find(key);
   if (data_it != form_data_.end())
     form_data_.erase(data_it);
 
   auto file_it = file_attachments_.find(key);
   if (file_it != file_attachments_.end())
     file_attachments_.erase(file_it);
 }
 
 }  // namespace crashpad