Mercurial > hg > orthanc
view OrthancExplorer/file-upload.js @ 2248:69b0f4e8a49b
Escape multipart type parameter value in Content-Type header
## Summary
Multipart responses do not quote/escape the value of their type
parameter (the subtype) even though it always contains at least one
special character (the slash "/"), which confuses standard-compliant
HTTP clients.
## Details
The Content-Type header in HTTP is in RFC 7231, Section 3.1.1.5:
https://tools.ietf.org/html/rfc7231#section-3.1.1.5
The section defers to the media type section (3.1.1.1) for the syntax of
the media type:
https://tools.ietf.org/html/rfc7231#section-3.1.1.1
This states that a parameter value can be quoted:
parameter = token "=" ( token / quoted-string )
A parameter value that matches the token production can be transmitted
either as a token or within a quoted-string. The quoted and unquoted
values are equivalent.
Tokens are defined in RFC 7230, Section 3.2.6 (via RFC 7231, appendix
C):
https://tools.ietf.org/html/rfc7231#appendix-C
https://tools.ietf.org/html/rfc7230#section-3.2.6
Here we observe that tokens cannot contain a slash "/" character:
token = 1*tchar
tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*"
/ "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
/ DIGIT / ALPHA
; any VCHAR, except delimiters
Delimiters are chosen from the set of US-ASCII visual characters not
allowed in a token (DQUOTE and "(),/:;<=>?@[\]{}").
However, the current implementation does not quote/escape the value of
the type parameter:
multipart/related; type=application/dicom
Instead, it should be:
multipart/related; type="application/dicom"
All of this also seems to apply to the MIME Content-Type header
definition, even though it is a little different:
https://www.iana.org/assignments/message-headers
https://tools.ietf.org/html/rfc2045#section-5.1
https://tools.ietf.org/html/rfc2387
author | Thibault Nélis <tn@osimis.io> |
---|---|
date | Mon, 16 Jan 2017 13:07:11 +0100 |
parents | 79d259b86aa9 |
children | c9c2faf76bec |
line wrap: on
line source
var pendingUploads = []; var currentUpload = 0; var totalUpload = 0; $(document).ready(function() { // Initialize the jQuery File Upload widget: $('#fileupload').fileupload({ //dataType: 'json', //maxChunkSize: 500, //sequentialUploads: true, limitConcurrentUploads: 3, add: function (e, data) { pendingUploads.push(data); } }) .bind('fileuploadstop', function(e, data) { $('#upload-button').removeClass('ui-disabled'); //$('#upload-abort').addClass('ui-disabled'); $('#progress .bar').css('width', '100%'); if ($('#progress .label').text() != 'Failure') $('#progress .label').text('Done'); }) .bind('fileuploadfail', function(e, data) { $('#progress .bar') .css('width', '100%') .css('background-color', 'red'); $('#progress .label').text('Failure'); }) .bind('fileuploaddrop', function (e, data) { var target = $('#upload-list'); $.each(data.files, function (index, file) { target.append('<li class="pending-file">' + file.name + '</li>'); }); target.listview('refresh'); }) .bind('fileuploadsend', function (e, data) { // Update the progress bar. Note: for some weird reason, the // "fileuploadprogressall" does not work under Firefox. var progress = parseInt(currentUpload / totalUploads * 100, 10); currentUpload += 1; $('#progress .label').text('Uploading: ' + progress + '%'); $('#progress .bar') .css('width', progress + '%') .css('background-color', 'green'); }); }); $('#upload').live('pageshow', function() { alert('WARNING - This page is currently affected by Orthanc issue #21: ' + '"DICOM files might be missing after uploading with Mozilla Firefox." ' + 'Do not use this upload feature for clinical uses, or carefully ' + 'check that all instances have been properly received by Orthanc. ' + 'Please use the command-line "ImportDicomFiles.py" script to circumvent this issue.'); $('#fileupload').fileupload('enable'); }); $('#upload').live('pagehide', function() { $('#fileupload').fileupload('disable'); }); $('#upload-button').live('click', function() { var pu = pendingUploads; pendingUploads = []; $('.pending-file').remove(); $('#upload-list').listview('refresh'); $('#progress .bar').css('width', '0%'); $('#progress .label').text(''); currentUpload = 1; totalUploads = pu.length + 1; if (pu.length > 0) { $('#upload-button').addClass('ui-disabled'); //$('#upload-abort').removeClass('ui-disabled'); } for (var i = 0; i < pu.length; i++) { pu[i].submit(); } }); $('#upload-clear').live('click', function() { pendingUploads = []; $('.pending-file').remove(); $('#upload-list').listview('refresh'); }); /*$('#upload-abort').live('click', function() { $('#fileupload').fileupload().abort(); });*/