Mercurial > hg > orthanc
annotate OrthancExplorer/file-upload.js @ 2248:69b0f4e8a49b
Escape multipart type parameter value in Content-Type header
## Summary
Multipart responses do not quote/escape the value of their type
parameter (the subtype) even though it always contains at least one
special character (the slash "/"), which confuses standard-compliant
HTTP clients.
## Details
The Content-Type header in HTTP is in RFC 7231, Section 3.1.1.5:
https://tools.ietf.org/html/rfc7231#section-3.1.1.5
The section defers to the media type section (3.1.1.1) for the syntax of
the media type:
https://tools.ietf.org/html/rfc7231#section-3.1.1.1
This states that a parameter value can be quoted:
parameter = token "=" ( token / quoted-string )
A parameter value that matches the token production can be transmitted
either as a token or within a quoted-string. The quoted and unquoted
values are equivalent.
Tokens are defined in RFC 7230, Section 3.2.6 (via RFC 7231, appendix
C):
https://tools.ietf.org/html/rfc7231#appendix-C
https://tools.ietf.org/html/rfc7230#section-3.2.6
Here we observe that tokens cannot contain a slash "/" character:
token = 1*tchar
tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*"
/ "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
/ DIGIT / ALPHA
; any VCHAR, except delimiters
Delimiters are chosen from the set of US-ASCII visual characters not
allowed in a token (DQUOTE and "(),/:;<=>?@[\]{}").
However, the current implementation does not quote/escape the value of
the type parameter:
multipart/related; type=application/dicom
Instead, it should be:
multipart/related; type="application/dicom"
All of this also seems to apply to the MIME Content-Type header
definition, even though it is a little different:
https://www.iana.org/assignments/message-headers
https://tools.ietf.org/html/rfc2045#section-5.1
https://tools.ietf.org/html/rfc2387
author | Thibault Nélis <tn@osimis.io> |
---|---|
date | Mon, 16 Jan 2017 13:07:11 +0100 |
parents | 79d259b86aa9 |
children | c9c2faf76bec |
rev | line source |
---|---|
0 | 1 var pendingUploads = []; |
2 var currentUpload = 0; | |
3 var totalUpload = 0; | |
4 | |
5 $(document).ready(function() { | |
6 // Initialize the jQuery File Upload widget: | |
7 $('#fileupload').fileupload({ | |
8 //dataType: 'json', | |
9 //maxChunkSize: 500, | |
10 //sequentialUploads: true, | |
11 limitConcurrentUploads: 3, | |
12 add: function (e, data) { | |
13 pendingUploads.push(data); | |
14 } | |
15 }) | |
16 .bind('fileuploadstop', function(e, data) { | |
17 $('#upload-button').removeClass('ui-disabled'); | |
18 //$('#upload-abort').addClass('ui-disabled'); | |
19 $('#progress .bar').css('width', '100%'); | |
20 if ($('#progress .label').text() != 'Failure') | |
21 $('#progress .label').text('Done'); | |
22 }) | |
23 .bind('fileuploadfail', function(e, data) { | |
24 $('#progress .bar') | |
25 .css('width', '100%') | |
26 .css('background-color', 'red'); | |
27 $('#progress .label').text('Failure'); | |
28 }) | |
29 .bind('fileuploaddrop', function (e, data) { | |
30 var target = $('#upload-list'); | |
31 $.each(data.files, function (index, file) { | |
32 target.append('<li class="pending-file">' + file.name + '</li>'); | |
33 }); | |
34 target.listview('refresh'); | |
35 }) | |
36 .bind('fileuploadsend', function (e, data) { | |
37 // Update the progress bar. Note: for some weird reason, the | |
38 // "fileuploadprogressall" does not work under Firefox. | |
39 var progress = parseInt(currentUpload / totalUploads * 100, 10); | |
40 currentUpload += 1; | |
41 $('#progress .label').text('Uploading: ' + progress + '%'); | |
42 $('#progress .bar') | |
43 .css('width', progress + '%') | |
44 .css('background-color', 'green'); | |
45 }); | |
46 }); | |
47 | |
48 | |
49 | |
50 $('#upload').live('pageshow', function() { | |
2198
79d259b86aa9
warning about issue 21 (missing files if uploading with Orthanc Explorer)
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
57
diff
changeset
|
51 alert('WARNING - This page is currently affected by Orthanc issue #21: ' + |
79d259b86aa9
warning about issue 21 (missing files if uploading with Orthanc Explorer)
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
57
diff
changeset
|
52 '"DICOM files might be missing after uploading with Mozilla Firefox." ' + |
79d259b86aa9
warning about issue 21 (missing files if uploading with Orthanc Explorer)
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
57
diff
changeset
|
53 'Do not use this upload feature for clinical uses, or carefully ' + |
79d259b86aa9
warning about issue 21 (missing files if uploading with Orthanc Explorer)
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
57
diff
changeset
|
54 'check that all instances have been properly received by Orthanc. ' + |
79d259b86aa9
warning about issue 21 (missing files if uploading with Orthanc Explorer)
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
57
diff
changeset
|
55 'Please use the command-line "ImportDicomFiles.py" script to circumvent this issue.'); |
0 | 56 $('#fileupload').fileupload('enable'); |
57 }); | |
58 | |
59 $('#upload').live('pagehide', function() { | |
60 $('#fileupload').fileupload('disable'); | |
61 }); | |
62 | |
63 | |
64 $('#upload-button').live('click', function() { | |
65 var pu = pendingUploads; | |
66 pendingUploads = []; | |
67 | |
68 $('.pending-file').remove(); | |
69 $('#upload-list').listview('refresh'); | |
70 $('#progress .bar').css('width', '0%'); | |
71 $('#progress .label').text(''); | |
72 | |
73 currentUpload = 1; | |
74 totalUploads = pu.length + 1; | |
75 if (pu.length > 0) { | |
76 $('#upload-button').addClass('ui-disabled'); | |
77 //$('#upload-abort').removeClass('ui-disabled'); | |
78 } | |
79 | |
80 for (var i = 0; i < pu.length; i++) { | |
81 pu[i].submit(); | |
82 } | |
83 }); | |
84 | |
85 $('#upload-clear').live('click', function() { | |
86 pendingUploads = []; | |
87 $('.pending-file').remove(); | |
88 $('#upload-list').listview('refresh'); | |
89 }); | |
90 | |
91 /*$('#upload-abort').live('click', function() { | |
92 $('#fileupload').fileupload().abort(); | |
93 });*/ |