Support for base64 Content-Transfer-Encoding in multipart posts.
Open, Stalled, LowPublic

Description

Author: M8R-udfkkf

Description:
Add support for base64 Content-Transfer-Encoding in "multipart/form-data" posts.

When I try to use the following:

--89e5ac3ab79ab2c
Content-Disposition: form-data; name="file"; filename="A.jpg"
Content-Type: image/gif
Content-Transfer-Encoding: base64;

R0lGODlhlQAsAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/APAAAA8A
/wD//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAz
mQAzzAAz/wBmAABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDM
mQDMzADM/wD/AAD/MwD/ZgD/mQD/zADzMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMz
mTMzzDMz/zNmADNmMzNmZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPM
mTPMzDPM/zP/ADP/MzP/ZjP/mTP/zDP
2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYz
mWYzzGYz/2ZmAGZmM2ZmZmZmmWZmzGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbM
mWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkz
mZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZAJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnM
mZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn
8wAAMwAM8wAZswAmcwAzMwA/8wzAMwzM8wzZswz
mcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZZsyZmcyZzMyZ/8zMAMzMM8zMZszM
mczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz/8AAP8AM/8AZv8Amf8AzP8A8zAP8zM/8zZv8z
mf8zzP8z9mAP9mM/9mZv9mmf9mzP9m+ZAP+ZM/+ZZv+Zmf+ZzP+Z/MAP/MMMZv/M
mf/MzP/M//APM/ZvmfzP/yH5BAEAABAALAAAAACVACwAAAj/AP8JHEiwoMGD
CBMqXMiwocOHDbsE6nJIIkWJVbZg3AKxo8ePIEOG5BKIpMmSKLlUWVlFpMuXMD2OA3lx4qF/
E1lWObQy5sGZPoOCxDWOKC6PKVHiVKmySqAYQgXmGtdtXK6oWBmOs0rVKtKaNVkGyoi1aNF/
R7OqNWjWKNC0DU/KHVulqVCiVfECXcvXbN6ueCHatFgxZ5e7bdvyTfgW7VmPbiObfZh0rkmf
Vbde3fpvr0PPMv9N3ZpZ9FbQCql25kr6dEHUBW8Onk0R5lvFR+EyJNo5rWfdByULR0t8d2Lh
kxUj5PJPbvOUmGd2ndpNK3XHVaf27tq5OkK91P1y/82r9W92wP/Omz94GGzhmkFzS3do1DHy
4QbvH5+cOrf95PolVJlSJYk0n1eawYbQXqeFN9p4rIHW4HQTdjaadRVG2F2E2hn03oeEhSRd
fdtBpF+Ajw104nEN1efifpIJaBl0Jqqml2+BNQTYjuad1SNwP/Loo4IGrbfhjUIeFMg/IE70
j0T0CTQibvzpuJ18yF15FnArXgkRal0mNONlVp6WGYKqPeSamQM9KGWEZxJ05oNzriaiQHOa
6VpChPVpU5RYJjbUY0RK6WJwMAr6EJeJusXQmA1VtWF4en3kl2neJSTpjvlR2ON1DmXqnZCU
OrTkQIft5piWjhb63X86Rv9WnIqJslooiSP+F2NW0rnZ654gJSjpgpqlp+FBDk54HmevHbiZ
dNU96+BaWwqaIm+zKoSliglludCK2BKEX3G3xejqR0GS91OmDFVXqabi3fgZkkYau2FnvaVH
Lr0pvgoZi68JFO68U4prLY7niqsrwAu36p/DVbJV4pf3isYYUMwyludMm67W1Ux0dgTyahtz
ByeRJ2dM0Mki+8YYbxG/Ohy4/X7prcD74YvozbTK6hG7C3YIHEKfGjqdofa6ROnRA1G4kKfz
rXyUejX7FPXQBZ3YsHIhBUqi0f5pO6WjUucs1FXDJqwdhPhCeKHVD67ddIcMJVusVMpyVRZc
2GLkbbCsXlf9EpUi3Qe2omrZmDB2ABZ8aZGhxesSv0eiB3RWXxsHs9Y4l7h40wj7TTDZhi/2
pp2MWahngq2BDO2an2/Iukuto7nxYo0d+jKVM6/a8KJmi7jruH1td167Fn/KqZTrod3Q0tkZ
CD2myZm+L+ILgg6jfQvnG2vwH9EctvVSTvt028JyqFrcaZan/rAgLev2aleRf/jAqvbetOdq
mkt7l7GzDZJ0BhluxYReMOHXAO0HK+wxMDjcE12N9PdA+g0EfhVMXQAXcrvLMZB4GbQf10J4
wfGQMIMbXAz+TsjChwQEADs=
--89e5ac3ab79ab2c--

I get this error:
<?xml version="1.0"?><api servedby="mw38"><error code="verification-error" info="This file did not pass file verification"><details><detail>filetype-mime-mismatch</detail><detail>gif</detail><detail>text/plain</detail></details></error></api>

This is properly base64 encoded, and will decode to a gif.


Version: unspecified
Severity: enhancement
See Also:
https://bugs.php.net/bug.php?id=48219

Details

Reference
bz35285
bzimport raised the priority of this task from to Low.
bzimport set Reference to bz35285.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Mar 17 2012, 6:01 PM

Bryan.TongMinh wrote:

In your Content-Disposition you specify that the original filename has a jpg extension, while you claim that it is a give. Are you sure that the filename parameter that you specify has the correct extension?

Unfortunately closing this report as no further information has been provided.

Smallman: Please feel free to reopen this report if you can provide the information asked for in comment 1. Thanks!

XZise added a comment.Oct 4 2014, 4:20 PM

I can verify that: The mime is set to png and I upload a png (without using BASE64 it works).

--===============3344601353276105990==
Content-Type: image/png
MIME-Version: 1.0
Content-disposition: form-data; name="file";
filename="/home/xzise/Pictures/ksp/Thrusters_005.png"
Content-Transfer-Encoding: base64

iVBORw0KGgoAAAANSUhEUgAAAeYAAAFCCAYAAAAkHn43AAAAAXNSR0IArs4c6QAAAARnQU1BAACx
jwv8YQUAAAAJcEhZcwAADsIAAA7CARUoSoAAAE0xSURBVHhe7d0JeFTV3T/wXwCVNSxCQLZAZCtr
NEZBW3HtIgJd1IJL39cKNvjKXwVRUZayFEQBtWihBGspGqhSFVCrVVCqAopBEGQXCCBCEELCvkj+
8z1zTubOZWYyyWx3Zr6f57nPnLvMzJ07M/d3z3LPSXnxxRdL9+3bJ0RERBRbjRs3lpQJEyaUDh8+
XC8iIiKiWJk4caJU0WkiIiJyAAZmIiIiB2FgJiIichAGZiIiIgdhYCYiInIQBmYiIiIHYWAmIiJy
EAZmIiIiB2FgJiIichAGZiIiIgdhYCay2blzp5oo8mJxrPn9ktOxr2ytsLBQTpw4oefcqlevLmlp
aXrOW0lJiRw6dEilW7ZsqR79Ma8d6PX8qej7bNu2TY4dOybNmzeXdu3a6TXefH1WoyL7WNFj5g9O
knv27FHppk2bBvyc2Hbr1q0q3aZNm4DbWo9deerVqyepqamyZMkSuf7669WyxYsXy3XXXafSVD5f
vwdzXH2JxbFOlu832HNBeSr6OsFu7+u3YlTmHJJI0Fe2IDAnu4KCglLX8fA7TZkyRW1jlZubW7Z+
[…]

(the complete request can be seen there: https://gist.github.com/xZise/557977739834a31c7b25 )

Anomie changed the task status from Open to Stalled.Feb 20 2015, 4:12 PM
Anomie added a project: Upstream.
Anomie set Security to None.
Anomie added a subscriber: Anomie.Feb 20 2015, 4:15 PM

PHP doesn't decode this data, or even tell us whether there was a Content-Transfer-Encoding header. And it's not entirely clear whether RFC 2616 § 19.4.5 stating that HTTP doesn't use Content-Transfer-Encoding applies to all subparts of multipart/form-data or not.

See PHP bug 48219 for details. Until something happens there, there's nothing we're likely to do here.

Anomie moved this task from Unsorted to Non-Code on the MediaWiki-API board.Feb 20 2015, 4:15 PM
Krenair moved this task from Backlog to Reported Upstream on the Upstream board.Mar 29 2015, 8:21 PM