[webkit-reviews] review denied: [Bug 113233] filenameFromHTTPContentDisposition() doesn't comply with RFC 6266 : [Attachment 195249] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Mar 30 11:24:37 PDT 2013


Adam Barth <abarth at webkit.org> has denied Christophe Dumez <dchris at gmail.com>'s
request for review:
Bug 113233: filenameFromHTTPContentDisposition() doesn't comply with RFC 6266
https://bugs.webkit.org/show_bug.cgi?id=113233

Attachment 195249: Patch
https://bugs.webkit.org/attachment.cgi?id=195249&action=review

------- Additional Comments from Adam Barth <abarth at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=195249&action=review


We shouldn't use regular expressions when parsing HTTP headers.

> Source/WebCore/platform/network/HTTPParsers.cpp:293
> +    RegularExpression regexp(";\\s*filename\\s*=\\s*", TextCaseInsensitive);

> +    int matchOffset = regexp.match(value);

This isn't correct.  For example, it doesn't work on:

Content-Disposition: attachment; foo="; filename="; filename=bar.txt


More information about the webkit-reviews mailing list