search

tus / tus-resumable-upload-protocol

Open Protocol for Resumable File Uploads
https://tus.io
MIT License
1.48k stars 103 forks source link

Add some red tape for metadata #161

Closed nigoroll closed 3 years ago

nigoroll commented 4 years ago

I just noticed that simplistic implementations might be tempted to use the base64 decode of metadata values directly for headers, which could be used for smuggling.

E.g. consider something along the lines of

filetype dGV4dC9odG1sDQpDb250ZW50LUxlbmd0aDogMA0KDQpQT1NUIC9ldmlsL3JlcXVlc3QgSFRUUC8xLjENCkhvc3Q6IHNlY3JldC5pbnRlcm5hbC5ob3N0DQo=

if a TUS upload is turned into another HTTP/1.1 request.

Acconut commented 3 years ago

Good call! What do you think about adapting the writing style from the rest of the document?

Since metadata values can contain arbitrary binary values, Servers SHOULD carefully validate the values or sanitized them before using them as header values to avoid header smuggling.

nigoroll commented 3 years ago

Thank you, @Acconut . I took your suggestion with minor changes