Issue 730203008: Don't to do HTML entity decoding for multi-part form fields

Issue 730203008: Don't to do HTML entity decoding for multi-part form fields (Closed)

Created:
6 years, 1 month ago by Søren Gjesse

Modified:
6 years, 1 month ago

Reviewers:
kustermann

CC:
reviews_dartlang.org

Base URL:
https://dart.googlecode.com/svn/branches/bleeding_edge/dart

Visibility:
Public.

More Reviews

Description

Don't to do HTML entity decoding for multi-part form fields The code was trying to do HTML entity decoding on text field values in multipart form posts. This has been removed as it did not work. The parsing was expecting HTML entities to always be used, but that is not the case. Chrome, Firefox and Safari will do it if e.g. the attribute accept-charset="latin1" is set on the HTML form element, but the default when accept-charset is not set or is set to utf8 UTF-8 encoding will be used. Also when HTML entity encoding is used, the encoding done by the browser cannot be consistently decoded. E.g. if the value '&#<some large char>' is entered in a form with accept-charset="latin1" the value in the multipart/form-data response is '&#ひ' (<some large char> is HTML entity encoded as ひ), so '&#' is not escaped in any way. Passing the value returned by the browser into user code without trying to be clever is the right thing to do. R=kustermann@google.com BUG= Committed: https://code.google.com/p/dart/source/detail?r=41821

Patch Set 1 #

Total comments: 16

Patch Set 2 : Addressed review comments #

Created: 6 years, 1 month ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+47 lines, -60 lines)			Patch
M	pkg/http_server/CHANGELOG.md	View		1 chunk	+5 lines, -0 lines	0 comments	Download
M	pkg/http_server/lib/src/http_multipart_form_data_impl.dart	View	1	2 chunks	+2 lines, -50 lines	0 comments	Download
M	pkg/http_server/pubspec.yaml	View		1 chunk	+1 line, -1 line	0 comments	Download
M	pkg/http_server/test/http_multipart_test.dart	View	1	6 chunks	+39 lines, -9 lines	0 comments	Download

Messages

Total messages: 4 (0 generated)

Expand Messages | Collapse Messages

kustermann

lgtm with comments https://codereview.chromium.org/730203008/diff/1/pkg/http_server/lib/src/http_multipart_form_data_impl.dart File pkg/http_server/lib/src/http_multipart_form_data_impl.dart (right): https://codereview.chromium.org/730203008/diff/1/pkg/http_server/lib/src/http_multipart_form_data_impl.dart#newcode35 pkg/http_server/lib/src/http_multipart_form_data_impl.dart:35: StringBuffer buffer = new StringBuffer(); This ...

6 years, 1 month ago (2014-11-18 16:34:20 UTC) #2

Søren Gjesse

https://codereview.chromium.org/730203008/diff/1/pkg/http_server/lib/src/http_multipart_form_data_impl.dart File pkg/http_server/lib/src/http_multipart_form_data_impl.dart (right): https://codereview.chromium.org/730203008/diff/1/pkg/http_server/lib/src/http_multipart_form_data_impl.dart#newcode35 pkg/http_server/lib/src/http_multipart_form_data_impl.dart:35: StringBuffer buffer = new StringBuffer(); On 2014/11/18 16:34:20, kustermann ...

6 years, 1 month ago (2014-11-19 07:41:06 UTC) #3

Søren Gjesse

6 years, 1 month ago (2014-11-19 07:41:30 UTC) #4

Message was sent while issue was closed.

Committed patchset #2 (id:20001) manually as 41821 (presubmit successful).

Expand Messages | Collapse Messages