summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--lib/cgi.rb4
2 files changed, 7 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index acd4bb8be9..e47630fdc9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sun Feb 11 07:46:45 2007 Akinori MUSHA <knu@iDaemons.org>
+
+ * lib/cgi.rb (CGI::QueryExtension::read_multipart): Properly parse
+ a quoted-string in a Content-Disposition value.
+
Sun Feb 11 06:27:54 2007 Akinori MUSHA <knu@iDaemons.org>
* configure.in, ext/thread/extconf.rb, lib/thread.rb: Add a
diff --git a/lib/cgi.rb b/lib/cgi.rb
index 38407da5cc..94d92e25ae 100644
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@@ -1037,8 +1037,8 @@ class CGI
body.rewind
- /Content-Disposition:.* filename="?([^\";]*)"?/ni.match(head)
- filename = ($1 or "")
+ /Content-Disposition:.* filename=(?:"((?:\\.|[^\"])*)"|([^;]*))/ni.match(head)
+ filename = ($1 or $2 or "")
if /Mac/ni.match(env_table['HTTP_USER_AGENT']) and
/Mozilla/ni.match(env_table['HTTP_USER_AGENT']) and
(not /MSIE/ni.match(env_table['HTTP_USER_AGENT']))
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 23:07:21 +0000