Skip Menu |

This queue is for tickets about the Net-Server CPAN distribution.

Report information
The Basics
Id: 67847
Status: resolved
Priority: 0/
Queue: Net-Server
People
Owner: Nobody in particular
Requestors: dmcbride [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: Critical
Broken in: 0.99
Fixed in: (no value)
Attachments
signature.asc

History Show all quoted text
  Fri Apr 29 16:56:41 2011 dmcbride [...] cpan.org - Ticket created
Subject: Net::Server::HTTP doesn't handle multipart/form-data properly [WITH FIX]
The parse_headers method puts HTTP_ in front of CONTENT_TYPE, which then confuses CGI. Checking the header parsing from HTTP::Server::Simple, I replaced the foreach loop in parse_headers with: foreach my $l (@lines) { my ($tag, $value) = split /\s*:\s*/, $l, 2; $tag = uc($tag); $tag =~ s/^COOKIES$/COOKIE/; $tag =~ s/-/_/g; $tag = "HTTP_" . $tag unless $tag =~ m/^CONTENT_(?:LENGTH|TYPE)$/; if ( exists $ENV{$tag} ) { $ENV{$tag} .= ", $value"; } else { $ENV{$tag} = $value; } } And now this works. (It also looks like you may not have been handling the case where there is more than one value for a key/tag, which would happen with forms with select-multiple entries. The above looks like it would solve that issue?)
  Wed May 30 11:58:17 2012 paul [...] seamons.com - Correspondence added
Thankyou for the bugfix. The code is updated as of the just released version 2.000. Unfortunately I didn't read the entire patch, CONTENT_TYPE is now supported correctly, but it still is passing HTTP_COOKIES rather than HTTP_COOKIE. Version 2.001 (unreleased) already has the fix applied. On Fri Apr 29 16:56:41 2011, DMCBRIDE wrote: Show quoted text
> The parse_headers method puts HTTP_ in front of CONTENT_TYPE, which > then confuses CGI. > > Checking the header parsing from HTTP::Server::Simple, I replaced the > foreach loop in parse_headers with: > > > foreach my $l (@lines) { > my ($tag, $value) = split /\s*:\s*/, $l, 2; > $tag = uc($tag); > $tag =~ s/^COOKIES$/COOKIE/; > $tag =~ s/-/_/g; > $tag = "HTTP_" . $tag > unless $tag =~ m/^CONTENT_(?:LENGTH|TYPE)$/; > > if ( exists $ENV{$tag} ) { > $ENV{$tag} .= ", $value"; > } > else { > $ENV{$tag} = $value; > } > } > > And now this works. (It also looks like you may not have been handling > the case where there is more than one value for a key/tag, which would > happen with forms with select-multiple entries. The above looks like it > would solve that issue?)
  Wed May 30 11:58:18 2012 The RT System itself - Status changed from 'new' to 'open'
  Wed May 30 11:58:18 2012 paul [...] seamons.com - Status changed from 'open' to 'patched'
  Wed May 30 14:07:07 2012 dmcbride [...] cpan.org - Correspondence added
Subject: Re: [rt.cpan.org #67847] Net::Server::HTTP doesn't handle multipart/form-data properly [WITH FIX]
Date: Wed, 30 May 2012 12:06:53 -0600
To: bug-Net-Server [...] rt.cpan.org
From: Darin McBride <dmcbride [...] cpan.org>
On Wednesday May 30 2012 11:58:17 AM you wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=67847 > > > Thankyou for the bugfix. The code is updated as of the just released > version 2.000. > > Unfortunately I didn't read the entire patch, CONTENT_TYPE is now > supported correctly, but it still is passing HTTP_COOKIES rather than > HTTP_COOKIE. Version 2.001 (unreleased) already has the fix applied.
Thanks. I've taken a quick look at the code, and it seems to be a bit off: Show quoted text
> > if ( exists $ENV{$tag} ) { > > $ENV{$tag} .= ", $value"; > > } > > else { > > $ENV{$tag} = $value; > > } > > }
In your code, you merely append values together, but the above code separates them with a comma-space, making it possible to pull back apart should the underlying code need it. Maybe I misunderstand what this piece of code is doing? Thanks,
Download signature.asc
application/pgp-signature 198b

Message body not shown because it is not plain text.

  Wed May 30 14:07:08 2012 The RT System itself - Status changed from 'patched' to 'open'
  Wed May 30 17:53:39 2012 paul [...] seamons.com - Correspondence added
Your right on both counts. I have updated it to included the ", $val" as well as the cookies fix. Ultimately I don't like how HTTP::Server::CGI::Environment is doing it either. I think that an arrayref would be better - however, we'll leave it this way for the default and maybe add a config option to allow for multiple values as an arrayref. On Wed May 30 14:07:07 2012, DMCBRIDE wrote: Show quoted text
> On Wednesday May 30 2012 11:58:17 AM you wrote:
> > <URL: https://rt.cpan.org/Ticket/Display.html?id=67847 > > > > > Thankyou for the bugfix. The code is updated as of the just
> released
> > version 2.000. > > > > Unfortunately I didn't read the entire patch, CONTENT_TYPE is now > > supported correctly, but it still is passing HTTP_COOKIES rather
> than
> > HTTP_COOKIE. Version 2.001 (unreleased) already has the fix
> applied. > > Thanks. I've taken a quick look at the code, and it seems to be a bit > off: >
> > > if ( exists $ENV{$tag} ) { > > > $ENV{$tag} .= ", $value"; > > > } > > > else { > > > $ENV{$tag} = $value; > > > } > > > }
> > In your code, you merely append values together, but the above code > separates > them with a comma-space, making it possible to pull back apart should > the > underlying code need it. > > Maybe I misunderstand what this piece of code is doing? > > Thanks,
  Wed May 30 17:53:40 2012 paul [...] seamons.com - Status changed from 'open' to 'resolved'