Page MenuHomePhabricator
Create Task
Maniphest T37285

Support for base64 Content-Transfer-Encoding in multipart posts.
Open, Stalled, LowPublicFeature
Actions

Description

Author: M8R-udfkkf

Description:
Add support for base64 Content-Transfer-Encoding in "multipart/form-data" posts.

When I try to use the following:

--89e5ac3ab79ab2c
Content-Disposition: form-data; name="file"; filename="A.jpg"
Content-Type: image/gif
Content-Transfer-Encoding: base64;

R0lGODlhlQAsAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/APAAAA8A
/wD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAz
mQAzzAAz/wBmAABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDM
mQDMzADM/wD/AAD/MwD/ZgD/mQD/zADzMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMz
mTMzzDMz/zNmADNmMzNmZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPM
mTPMzDPM/zP/ADP/MzP/ZjP/mTP/zDP2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYz
mWYzzGYz/2ZmAGZmM2ZmZmZmmWZmzGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbM
mWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkz
mZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZAJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnM
mZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn8wAAMwAM8wAZswAmcwAzMwA/8wzAMwzM8wzZswz
mcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZZsyZmcyZzMyZ/8zMAMzMM8zMZszM
mczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz/8AAP8AM/8AZv8Amf8AzP8A8zAP8zM/8zZv8z
mf8zzP8z9mAP9mM/9mZv9mmf9mzP9m+ZAP+ZM/+ZZv+Zmf+ZzP+Z/MAP/MMMZv/M
mf/MzP/M//APM/ZvmfzP/yH5BAEAABAALAAAAACVACwAAAj/AP8JHEiwoMGD
CBMqXMiwocOHDbsE6nJIIkWJVbZg3AKxo8ePIEOG5BKIpMmSKLlUWVlFpMuXMD2OA3lx4qF/
E1lWObQy5sGZPoOCxDWOKC6PKVHiVKmySqAYQgXmGtdtXK6oWBmOs0rVKtKaNVkGyoi1aNF/
R7OqNWjWKNC0DU/KHVulqVCiVfECXcvXbN6ueCHatFgxZ5e7bdvyTfgW7VmPbiObfZh0rkmf
Vbde3fpvr0PPMv9N3ZpZ9FbQCql25kr6dEHUBW8Onk0R5lvFR+EyJNo5rWfdByULR0t8d2Lh
kxUj5PJPbvOUmGd2ndpNK3XHVaf27tq5OkK91P1y/82r9W92wP/Omz94GGzhmkFzS3do1DHy
4QbvH5+cOrf95PolVJlSJYk0n1eawYbQXqeFN9p4rIHW4HQTdjaadRVG2F2E2hn03oeEhSRd
fdtBpF+Ajw104nEN1efifpIJaBl0Jqqml2+BNQTYjuad1SNwP/Loo4IGrbfhjUIeFMg/IE70
j0T0CTQibvzpuJ18yF15FnArXgkRal0mNONlVp6WGYKqPeSamQM9KGWEZxJ05oNzriaiQHOa
6VpChPVpU5RYJjbUY0RK6WJwMAr6EJeJusXQmA1VtWF4en3kl2neJSTpjvlR2ON1DmXqnZCU
OrTkQIft5piWjhb63X86Rv9WnIqJslooiSP+F2NW0rnZ654gJSjpgpqlp+FBDk54HmevHbiZ
dNU96+BaWwqaIm+zKoSliglludCK2BKEX3G3xejqR0GS91OmDFVXqabi3fgZkkYau2FnvaVH
Lr0pvgoZi68JFO68U4prLY7niqsrwAu36p/DVbJV4pf3isYYUMwyludMm67W1Ux0dgTyahtz
ByeRJ2dM0Mki+8YYbxG/Ohy4/X7prcD74YvozbTK6hG7C3YIHEKfGjqdofa6ROnRA1G4kKfz
rXyUejX7FPXQBZ3YsHIhBUqi0f5pO6WjUucs1FXDJqwdhPhCeKHVD67ddIcMJVusVMpyVRZc
2GLkbbCsXlf9EpUi3Qe2omrZmDB2ABZ8aZGhxesSv0eiB3RWXxsHs9Y4l7h40wj7TTDZhi/2
pp2MWahngq2BDO2an2/Iukuto7nxYo0d+jKVM6/a8KJmi7jruH1td167Fn/KqZTrod3Q0tkZ
CD2myZm+L+ILgg6jfQvnG2vwH9EctvVSTvt028JyqFrcaZan/rAgLev2aleRf/jAqvbetOdq
mkt7l7GzDZJ0BhluxYReMOHXAO0HK+wxMDjcE12N9PdA+g0EfhVMXQAXcrvLMZB4GbQf10J4
wfGQMIMbXAz+TsjChwQEADs=
--89e5ac3ab79ab2c--

I get this error:
<?xml version="1.0"?><api servedby="mw38"><error code="verification-error" info="This file did not pass file verification"><details><detail>filetype-mime-mismatch</detail><detail>gif</detail><detail>text/plain</detail></details></error></api>

This is properly base64 encoded, and will decode to a gif.

Version: unspecified
Severity: enhancement
See Also:
https://bugs.php.net/bug.php?id=48219

Details

Reference
bz35285

Event Timeline

bzimport raised the priority of this task from to Low.Nov 22 2014, 12:12 AM
bzimport added a project: MediaWiki-Action-API.
bzimport set Reference to bz35285.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Mar 17 2012, 6:01 PM
bzimport added a comment.Dec 22 2012, 6:33 PM

Bryan.TongMinh wrote:

In your Content-Disposition you specify that the original filename has a jpg extension, while you claim that it is a give. Are you sure that the filename parameter that you specify has the correct extension?

Aklapper added a comment.Feb 8 2013, 1:01 PM

Unfortunately closing this report as no further information has been provided.

Smallman: Please feel free to reopen this report if you can provide the information asked for in comment 1. Thanks!

XZise added a comment.Oct 4 2014, 4:20 PM

I can verify that: The mime is set to png and I upload a png (without using BASE64 it works).

--===============3344601353276105990==
Content-Type: image/png
MIME-Version: 1.0
Content-disposition: form-data; name="file";
filename="/home/xzise/Pictures/ksp/Thrusters_005.png"
Content-Transfer-Encoding: base64

iVBORw0KGgoAAAANSUhEUgAAAeYAAAFCCAYAAAAkHn43AAAAAXNSR0IArs4c6QAAAARnQU1BAACx
jwv8YQUAAAAJcEhZcwAADsIAAA7CARUoSoAAAE0xSURBVHhe7d0JeFTV3T/wXwCVNSxCQLZAZCtr
NEZBW3HtIgJd1IJL39cKNvjKXwVRUZayFEQBtWihBGspGqhSFVCrVVCqAopBEGQXCCBCEELCvkj+
8z1zTubOZWYyyWx3Zr6f57nPnLvMzJ07M/d3z3LPSXnxxRdL9+3bJ0RERBRbjRs3lpQJEyaUDh8+
XC8iIiKiWJk4caJU0WkiIiJyAAZmIiIiB2FgJiIichAGZiIiIgdhYCYiInIQBmYiIiIHYWAmIiJy
EAZmIiIiB2FgJiIichAGZiIiIgdhYCay2blzp5oo8mJxrPn9ktOxr2ytsLBQTpw4oefcqlevLmlp
aXrOW0lJiRw6dEilW7ZsqR79Ma8d6PX8qej7bNu2TY4dOybNmzeXdu3a6TXefH1WoyL7WNFj5g9O
knv27FHppk2bBvyc2Hbr1q0q3aZNm4DbWo9deerVqyepqamyZMkSuf7669WyxYsXy3XXXafSVD5f
vwdzXH2JxbFOlu832HNBeSr6OsFu7+u3YlTmHJJI0Fe2IDAnu4KCglLX8fA7TZkyRW1jlZubW7Z+
[…]

(the complete request can be seen there: https://gist.github.com/xZise/557977739834a31c7b25 )

Anomie changed the task status from Open to Stalled.Feb 20 2015, 4:12 PM
Anomie added a project: Upstream.
Anomie set Security to None.
Anomie subscribed.Feb 20 2015, 4:15 PM

PHP doesn't decode this data, or even tell us whether there was a Content-Transfer-Encoding header. And it's not entirely clear whether RFC 2616 § 19.4.5 stating that HTTP doesn't use Content-Transfer-Encoding applies to all subparts of multipart/form-data or not.

See PHP bug 48219 for details. Until something happens there, there's nothing we're likely to do here.

Anomie moved this task from Unsorted to Non-Code on the MediaWiki-Action-API board.Feb 20 2015, 4:15 PM
Krenair moved this task from Backlog to Reported Upstream on the Upstream board.Mar 29 2015, 8:21 PM
Aklapper removed subscribers: Anomie, wikibugs-l-list.Oct 16 2020, 5:03 PM
Aklapper changed the subtype of this task from "Task" to "Feature Request".Feb 4 2022, 11:14 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL