Bug #29053 for CGI-Lite: Fails to handle POST multipart from Safari 3

Wed Aug 29 14:59:44 2007 justin [...] dslr.net - Ticket created

Subject:

Fails to handle POST multipart from Safari 3

Safari 3x (Windows and Mac) can use boundary strings with the + character in them. CGI::Lite fails to process forms if the boundary string contains +. Safari 3 uses this character randomly as its multipart boundary. The regular expression on line 1024 needs to use an escaped $boundary variable. Add this to the start of that function: $boundary=quotemeta($boundary);

Tue May 20 10:32:06 2014 HOUSTON [...] cpan.org - Correspondence added 10 min

Hello Justin, Thanks for spotting and raising this bug report. You are, of course, quite right and your suggested fix solves the greater problem of all the possible regex metacharacters allowed in the encapsulation boundary by RFC 1341. This will be fixed in the next release. Pete On Wed Aug 29 14:59:44 2007, justin9 wrote: Show quoted text

> Safari 3x (Windows and Mac) can use boundary strings with the + > character in them. CGI::Lite fails to process forms if the boundary > string contains +. Safari 3 uses this character randomly as its > multipart boundary. > > The regular expression on line 1024 needs to use an escaped $boundary > variable. > > Add this to the start of that function: > > $boundary=quotemeta($boundary); >

Tue May 20 10:32:06 2014 The RT System itself - Status changed from 'new' to 'open'

Tue May 20 10:32:07 2014 HOUSTON [...] cpan.org - Taken

Mon Jun 02 04:54:54 2014 HOUSTON [...] cpan.org - Correspondence added 30 min

This has been fixed in the recently-released version 2.03.

Mon Jun 02 04:54:55 2014 HOUSTON [...] cpan.org - Status changed from 'open' to 'resolved'

Mon Jun 02 04:54:56 2014 HOUSTON [...] cpan.org - Fixed in 2.03 added