IETF Logo Mail Archive

Re: [apps-discuss] Feedback on multipart/form-data

Dave Cridland <dave@cridland.net> Thu, 19 September 2013 11:34 UTC

Return-Path: <dave@cridland.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE51E21F915C for <apps-discuss@ietfa.amsl.com>; Thu, 19 Sep 2013 04:34:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8aIwudUmfQJQ for <apps-discuss@ietfa.amsl.com>; Thu, 19 Sep 2013 04:34:28 -0700 (PDT)
Received: from mail-wg0-x229.google.com (mail-wg0-x229.google.com [IPv6:2a00:1450:400c:c00::229]) by ietfa.amsl.com (Postfix) with ESMTP id 804D721F8E2D for <apps-discuss@ietf.org>; Thu, 19 Sep 2013 04:34:28 -0700 (PDT)
Received: by mail-wg0-f41.google.com with SMTP id l18so6907858wgh.2 for <apps-discuss@ietf.org>; Thu, 19 Sep 2013 04:34:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cridland.net; s=google; h=to:message-id:from:cc:date:mime-version:subject:content-type; bh=eDimfH0NbZMJyHOvTBh84KYd7hxl+aw3iEirBSMxD5c=; b=g8DikId/3eBmbV7MKxCh4OCrCI75rdcWoUBzNlQ62tXPD42AQTlSRfmGb8A+c6sxMF jac1DnIqlLZxHMop9K6hnx5nCMRx014iEzgQSi4VNPdJhXNOkFKkMYPVcX2gPlEgRJpn MOUjfTZsTZwlwq+wATV65WN9iEQVdIfESEV9Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:to:message-id:from:cc:date:mime-version:subject :content-type; bh=eDimfH0NbZMJyHOvTBh84KYd7hxl+aw3iEirBSMxD5c=; b=AgCDwRlD0VGP4J1/mJB1SlqhoaPh9CMfAh+ZAtHKITK7+DojhVWXdMY+O8m/bFlHmp tzbZX24FxNbbaXpXBBNM2XQ+RP5tx1Nh+Kgq896bAKfoXJWVXNDnagjXOFQH+T7E8jr1 ojkU8ziCMsqXG8MM/088CaHsykk7dxd/9kg0vtP9JJpuJyuRFXIyX4bKHckK8pTLlv3a GxrR84zBZda2L0k7gPFIqdnvh8xILwGED/iDmzydRDbeAibiOXbraqmvW4ElGK4vJKPs 1EmocawJWCVTFE7SAxy8mnIrNdmgfprOVnXM951eO/8xQuAvjCl3Z8wqKmCKT/HgM7S6 dw8g==
X-Gm-Message-State: ALoCoQnLCyRHp7U65XtQMdINt3MYpD/gc9VFlJNWSHAnNNtdu79936yKET8i5FzrnG1nPWizNijL
X-Received: by 10.194.77.2 with SMTP id o2mr944645wjw.57.1379590467472; Thu, 19 Sep 2013 04:34:27 -0700 (PDT)
Received: from Mac-mini.local (peirce.dave.cridland.net. [217.155.137.61]) by mx.google.com with ESMTPSA id dq11sm18168648wid.3.1969.12.31.16.00.00 (version=TLSv1.1 cipher=RC4-SHA bits=128/128); Thu, 19 Sep 2013 04:34:26 -0700 (PDT)
To: Julian Reschke <julian.reschke@gmx.de>
Message-Id: <pbT1pMwRJ3liAErfEE4eiOzhPsmRJD_dystcZP1odmoQfp-yE@smtp.gmail.com>
From: Dave Cridland <dave@cridland.net>
Date: Thu, 19 Sep 2013 11:34:24 -0000
Mime-Version: 1.0
X-Mailer: Inky (TM) v2.0.523A.D3E0 ("Ink Different")
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: Ian Hickson <ian@hixie.ch>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Feedback on multipart/form-data
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2013 11:34:31 -0000

Julian Reschke wrote:
> On 2013-08-15 20:28, Larry Masinter wrote:
>>     I'm working on a revision to  RFC 2388 multipart/form-data
>>     but I want some feedback before submitting a first draft.
>>
>>     I sent a pointer before,
>>     https://www.w3.org/Bugs/Public/show_bug.cgi?id=16909#c8
>>
>>     but perhaps you can comment instead on
>>     https://github.com/masinter/multipart-form-data
>>
>>
>>     RFC 2388 was clear:
>>     Field names originally in non-ASCII character sets may be encoded
>>     within the value of the "name" parameter using the standard method
>>     described in RFC 2047.
>>
>>     For reasons I don't understand, browsers did different, incompatible
>>     things.
>
> Insane complexity? :-) Too many ways to do the same thing?

RFC 2047 doesn't discuss parameters; though at least some mail MIME generators 
use it, instead of RFC 2231. (Google, for instance, generates mail using RFC 
2047 encoded-words in parameters, but accepts either RFC 2047 or RFC 2231 
encoded parameters).

>>     I think the main advice is:
>>
>>     * those creating HTML forms
>>     SHOULD use ASCII field names, since deployed HTML processors vary,
>>     and field names shouldn't be visible to the user anyway.
>
> +1

That's all well and good, but filenames are considerably more of a problem, 
I'd have thought. Moreover, I think existing HTTP clients don't escape '"' 
properly, as well.

>>     * Those developing server infrastructure to read multipart/form-data 
>>     uploads
>>     SHOULD be aware of the varying behavior of the browsers in translating
>>     non-ASCII field names, and look for any of the variants (if they're
>>     expecting non-ASCII field names).
>
> If this is a SHOULD we need to better understand what these variants are. 
> Study standard libraries? Write tests?

I know of RFC 2047 and RFC 2231, as well as unencoded UTF-8 and unencoded 
ISO-8859-1 (I think).

I'd also note that I've yet to find a receiving processor that handles 
multipart/form-data when chunked - I'll admit I've not been looking much, 
though. It might be as well to note the interaction with chunked encoding.

Sent with [inky: <http://inky.com?kme=signature>]

v2.23.0 | Report a Bug | By Email