Sunday, January 3, 2010

Content-Disposition

I think there's a problem in how several web browsers fail to escape the filenames for Content-Disposition. I reported the problem and put a call out for people to verify the problem and either enlighten me or to submit bug reports to the relevant trackers.
Posted by at

2 comments:

Joshua Sierles said...

We found this to be true and it's a big problem. Filenames get truncated, or fail to parse and ruin an upload. Flash-based file upload also suffers from this problem. Since there is no deterministic way to parse these headers, browser vendors should agree on an escaping method here.

January 20, 2010 at 9:29 AM
Andrew Dalke said...

Thanks for your feedback! After I posted that I tracked down the Firefox bug reports related to it. There are several in Bugzilla. 136676 and 185863 were made in 2002. WebKit's 22381 is similar, but elsewhere it looks like they say the problem is in Safari and not WebKit, and I can't see the Safari bugs.

Is there a better way to raise this issue?

January 20, 2010 at 10:11 AM

Post a Comment

Subscribe to: Post Comments (Atom)