search

aio-libs / aiohttp

Asynchronous HTTP client/server framework for asyncio and Python
https://docs.aiohttp.org
Other
15.15k stars 2.02k forks source link

Gracefully handle non-conforming Content-Disposition headers #5988

Open tilsche opened 3 years ago

tilsche commented 3 years ago

Is your feature request related to a problem?

I have encountered servers that send content disposition headers with extra semicolons at the end, e.g.

Content-Disposition: inline; filename="foo.obj";

I understand this is technically non-conforming, but it still contains useful and easily correctly parsable information.

Describe the solution you'd like

aiohttp should gracefully handle minor non-conformance and include the content_disposition with values. It can still emit a warning.

Describe alternatives you've considered

Fixing this in all broken servers is highly unlikely.

Related component

Client

Additional context

Both chromium and wget --content-disposition treat these cases gracefully.

It is a small change to continue here: https://github.com/aio-libs/aiohttp/blob/a1158c5389854f9885c30e08b0020e2d7d8a290f/aiohttp/multipart.py#L112

Alternative solutions with increasing strictness would be to

  1. discard empty parts
  2. discard whitespace-only parts
  3. discard semicolons at the very end of the header

I'm happy to create a PR with the preferred solution.

Code of Conduct

asvetlov commented 3 years ago

I think option 2 covers most cases. Pull Request is welcome!