jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcel Reutegger (Jira)" <j...@apache.org>
Subject [jira] [Commented] (OAK-9304) Filename portion of direct download URI Content-Disposition should be ISO-8859-1 encoded
Date Mon, 04 Jan 2021 09:37:00 GMT

    [ https://issues.apache.org/jira/browse/OAK-9304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17258102#comment-17258102
] 

Marcel Reutegger commented on OAK-9304:
---------------------------------------

bq. This bug has existed in Oak since Oak 1.10.  Do we need to backport to older supported
versions, and if so, which?

The Oak 1.10 branch is not supported/maintained anymore. It was superseded by the 1.22 maintenance
branch. I think it would make sense to backport it to that branch. Users affected by this
issue would then have to upgrade to 1.38.0 or 1.22.x.

> Filename portion of direct download URI Content-Disposition should be ISO-8859-1 encoded
> ----------------------------------------------------------------------------------------
>
>                 Key: OAK-9304
>                 URL: https://issues.apache.org/jira/browse/OAK-9304
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: blob-cloud, blob-cloud-azure, blob-plugins
>    Affects Versions: 1.36.0
>            Reporter: Matt Ryan
>            Assignee: Matt Ryan
>            Priority: Major
>
> The "filename" portion of the Content-Disposition needs to be ISO-8859-1 encoded, per
[https://tools.ietf.org/html/rfc6266#section-4.3] in this paragraph:
> {quote}The parameters "filename" and "filename*" differ only in that "filename*" uses
the encoding defined in RFC5987, allowing the use of characters not present in the ISO-8859-1
character set ISO-8859-1.
> {quote}
> This is not usually a problem, but if the filename provided contains non-standard characters,
it can cause the resulting signed URI to be invalid.  This can lead to blob storage services
being unable to service the URl request.
> For example, a filename of "Ausländische.jpg" currently requests a Content-Disposition
header that looks like:
> {noformat}
> inline; filename="Ausländische.jpg"; filename*=UTF-8''Ausla%CC%88ndische.jpg {noformat}
> It instead should look like:
> {noformat}
> inline; filename="Ausla?ndische.jpg"; filename*=UTF-8''Ausla%CC%88ndische.jpg {noformat}
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message