Mercurial > hg > orthanc

view Resources/Patches/mongoose-3.8-patch.diff @ 2248:69b0f4e8a49b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Escape multipart type parameter value in Content-Type header ## Summary Multipart responses do not quote/escape the value of their type parameter (the subtype) even though it always contains at least one special character (the slash "/"), which confuses standard-compliant HTTP clients. ## Details The Content-Type header in HTTP is in RFC 7231, Section 3.1.1.5: https://tools.ietf.org/html/rfc7231#section-3.1.1.5 The section defers to the media type section (3.1.1.1) for the syntax of the media type: https://tools.ietf.org/html/rfc7231#section-3.1.1.1 This states that a parameter value can be quoted: parameter = token "=" ( token / quoted-string ) A parameter value that matches the token production can be transmitted either as a token or within a quoted-string. The quoted and unquoted values are equivalent. Tokens are defined in RFC 7230, Section 3.2.6 (via RFC 7231, appendix C): https://tools.ietf.org/html/rfc7231#appendix-C https://tools.ietf.org/html/rfc7230#section-3.2.6 Here we observe that tokens cannot contain a slash "/" character: token = 1*tchar tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA ; any VCHAR, except delimiters Delimiters are chosen from the set of US-ASCII visual characters not allowed in a token (DQUOTE and "(),/:;<=>?@[\]{}"). However, the current implementation does not quote/escape the value of the type parameter: multipart/related; type=application/dicom Instead, it should be: multipart/related; type="application/dicom" All of this also seems to apply to the MIME Content-Type header definition, even though it is a little different: https://www.iana.org/assignments/message-headers https://tools.ietf.org/html/rfc2045#section-5.1 https://tools.ietf.org/html/rfc2387
author Thibault Nélis <tn@osimis.io>
date Mon, 16 Jan 2017 13:07:11 +0100
parents a119f9ae3640
children 8f2bda0719f4
line wrap: on
line source

--- mongoose.c.orig	2014-09-01 11:25:18.223466994 +0200
+++ mongoose.c	2014-09-01 11:30:21.807479338 +0200
@@ -50,6 +50,14 @@
 #define PATH_MAX FILENAME_MAX
 #endif // __SYMBIAN32__
 
+#if __gnu_hurd__ == 1
+/**
+ * There is no limit on the length on a path under GNU Hurd, so we set
+ * it to an arbitrary constant.
+ **/
+#define PATH_MAX 4096
+#endif
+
 #ifndef _WIN32_WCE // Some ANSI #includes are not available on Windows CE
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -108,8 +116,9 @@
 #define strtoll(x, y, z) _atoi64(x)
 #else
 #define __func__  __FUNCTION__
-#define strtoull(x, y, z) _strtoui64(x, y, z)
-#define strtoll(x, y, z) _strtoi64(x, y, z)
+#include <stdlib.h>
+//#define strtoull(x, y, z) _strtoui64(x, y, z)
+//#define strtoll(x, y, z) _strtoi64(x, y, z)
 #endif // _MSC_VER
 
 #define ERRNO   GetLastError()