• Welcome to Simple Machines Community Forum. Please login or sign up.
October 28, 2021, 03:27:07 AM

News:

SMF 2.1 RC4 has been released! Try it out and help us test! :) Read more.


bogus Content-Disposition header field sent to Firefox

Started by reschke, September 08, 2011, 05:42:02 AM

Previous topic - Next topic

SleePy

What browser are you using?  The file name has underscores (ie: _), so it should be sent like:
Content-Disposition: attachment; filename*=UTF-8''default_sort_for_boards.zip


Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf


tfs

Is there a final fix for this?  I'm getting the filename cut off at the first space with the patch that I found.
A good tree cannot bring forth evil fruit, neither can an evil tree bring forth good fruit.

reschke

Quote from: tfs on November 14, 2011, 11:22:36 AM
Is there a final fix for this?  I'm getting the filename cut off at the first space with the patch that I found.

If the code isn't escaping space characters then additional patches will be needed.

hartiberlin

So any real working solution ?
Where is the final fix please ?

Many thanks.

SleePy

Quote from: SleePy on November 18, 2011, 11:30:57 PM
Thantos has came up with a fix and I've applied it to the customize site.  It appears to work as excepted, can you confirm this as well?

Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf

IssMneur

I can confirm that the problem appears to be fixed on custom.simplemachines.org but not here.  If I try to download the attachment from the space example post I get a file called index.php when using FF8.  If I spoof my user agent as IE9, the file is offered and downloads fine (spaces an all).


SleePy

This has been patched on our community forums here.
Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf

IssMneur

Quote from: SleePy on November 27, 2011, 04:02:07 PM
This has been patched on our community forums here.
Looks like it is working correctly.

Out of curiosity which patch in the bug report or the thread that Illori linked was applied?

Edit: BTW, that captcha that is used here is brutal, it took 5 tries....

SleePy

The bug report has a more recent patch that details the fix.  Spaces needed corrected, Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.
Jeremy D — Site Team / SMF Developer
Support the SMF Support team!
Profiles:GitHub
Join us on IRC Libera.chat/#smf


reschke

Quote from: SleePy on November 27, 2011, 11:14:26 PM
The bug report has a more recent patch that details the fix.  Spaces needed corrected, Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

As far as I can tell, the proposed patch still special-cases Firefox. Don't. The only UAs that *are* special are IE<9 and Safari.

Thantos

Quote from: reschke on December 13, 2011, 04:09:06 AM
Quote from: SleePy on November 27, 2011, 11:14:26 PM
The bug report has a more recent patch that details the fix.  Spaces needed corrected, Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

As far as I can tell, the proposed patch still special-cases Firefox. Don't. The only UAs that *are* special are IE<9 and Safari.
The patch was designed to fix the issue that Firefox was having, not to redesign the entire solution.

reschke

Quote from: Thantos on December 13, 2011, 07:35:26 AM
Quote from: reschke on December 13, 2011, 04:09:06 AM
Quote from: SleePy on November 27, 2011, 11:14:26 PM
The bug report has a more recent patch that details the fix.  Spaces needed corrected, Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

As far as I can tell, the proposed patch still special-cases Firefox. Don't. The only UAs that *are* special are IE<9 and Safari.
The patch was designed to fix the issue that Firefox was having, not to redesign the entire solution.

Understood; but by maintaining more code paths than needed you make it harder for yourself than necessary.

reschke

So... the bug is still in state "NEW". What's holding up the resolution?

Illori

Quote from: SleePy on November 27, 2011, 11:14:26 PM
Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

also the developers have other things on their plate to work on.

reschke

Quote from: Illori on January 31, 2012, 04:34:55 PM
Quote from: SleePy on November 27, 2011, 11:14:26 PM
Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

also the developers have other things on their plate to work on.

Acknowledged. But please don't blame Mozilla when a future version of Firefox starts failing again.

Oldiesmann

Quote from: reschke on February 02, 2012, 07:05:14 AM
Quote from: Illori on January 31, 2012, 04:34:55 PM
Quote from: SleePy on November 27, 2011, 11:14:26 PM
Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

also the developers have other things on their plate to work on.

Acknowledged. But please don't blame Mozilla when a future version of Firefox starts failing again.

What solution do you suggest then? The patch fixed the issue without breaking things more.
Michael Eshom
Cincy Space - now open!

reschke

Quote from: Oldiesmann on February 02, 2012, 11:40:43 AM
Quote from: reschke on February 02, 2012, 07:05:14 AM
Quote from: Illori on January 31, 2012, 04:34:55 PM
Quote from: SleePy on November 27, 2011, 11:14:26 PM
Its not the fix we wanted to do (wanted to do urlencode but it causes other issues), but it does the job none the less.

also the developers have other things on their plate to work on.

Acknowledged. But please don't blame Mozilla when a future version of Firefox starts failing again.

What solution do you suggest then? The patch fixed the issue without breaking things more.

My understanding was that the fix hasn't been applied (the bug status still is "new").

Advertisement: