This project is archived and is in readonly mode.

#3495 ✓resolved
beam

multipart/form-data and maemo browser

Reported by beam | November 19th, 2009 @ 09:17 AM

Invalid parameters from muptiptart/form-data form sended with Maemo Browser #

How to reproduce

rails test
cd test/
./script/generate controller test index
cat > app/views/test/index.html.erb << EOF
<html>
<head>
</head>
<body>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="authenticity_token" value="<%= form_authenticity_token %>" />
<input type="submit" value="submit" />
</form>
</body>
</html>
EOF
./script/server -b 192.168.1.10

Now you need to brows to http://192.168.1.10:3000/test/index with maemo browser and press submit button, and you get InvalidAuthenticityToken and this as a parameter list:

Parameters: {"authenticity_token"=>#<File:/tmp/RackMultipart20091119-15972-7huy2e-0>}

With firefox or IE or opera:

Parameters: {"authenticity_token"=>"FgGZ+7GZ+jEcOOAoAa0Cx7ExgghWDtxFUe8VWlVyQLU="}

Some info

with maemo browser we have:

POST /test/index HTTP/1.1
Host: 10.2.14.101:3000
User-Agent: Mozilla/5.0 (X11; U; Linux armv6l; ru-RU; rv:1.9a6pre) Gecko/20080828 Firefox/3.0a1 Tablet browser 0.3.7 RX-34+RX-44+RX-48_DIABLO_5.2008.43-7
Accept: text/xml,application/xml,application/atom+xml,application/rss+xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: ru
Accept-Encoding: gzip,deflate
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.2.14.101:3000/test/index
Cookie: _razor_session=BAh7BzoQX2NzcmZfdG9rZW4iMXBxQU9FL0xpeUc3dTZwUjFqUkd4UXg3SXNNRmFwSTlzQUMySnhxODRVYWM9Og9zZXNzaW9uX2lkIiVhODliYjQ4OWZiZmZjZTBjNGIxODk3ZGYzZTAxNzhmOQ%3D%3D--e426041a2498b3dbceefb4bf1b3f0f9b867c6ebd; _test_session=BAh7BzoQX2NzcmZfdG9rZW4iMStRbkNRRkRpc2lQb1QwNHlqNStiajhwYW5rRlpCOWZDWG5ONzJweXJxaFE9Og9zZXNzaW9uX2lkIiU1YTdiNjY1ZTRjOGJjYTVkMTFlM2QwOTExOTM0NzlhMQ%3D%3D--e48d25c9bd1302af1a1c8e66db94ff028b0b5287
Content-Type: multipart/form-data; boundary=---------------------------110252005920448977631967513926
Content-Length: 272

-----------------------------110252005920448977631967513926
Content-Type: text/plain; charset=UTF-8
Content-Disposition: form-data; name="authenticity_token"

FgGZ+7GZ+jEcOOAoAa0Cx7ExgghWDtxFUe8VWlVyQLU=
-----------------------------110252005920448977631967513926--

with firefox we have:

POST /test/index HTTP/1.1
Host: 10.2.14.101:3000
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4) Gecko/20091030 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20051111 Firefox/1.5 BAVM/1.0.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ru,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.2.14.101:3000/test/index
Cookie: _test_session=BAh7BzoQX2NzcmZfdG9rZW4iMStRbkNRRkRpc2lQb1QwNHlqNStiajhwYW5rRlpCOWZDWG5ONzJweXJxaFE9Og9zZXNzaW9uX2lkIiU1YTdiNjY1ZTRjOGJjYTVkMTFlM2QwOTExOTM0NzlhMQ%3D%3D--e48d25c9bd1302af1a1c8e66db94ff028b0b5287
Content-Type: multipart/form-data; boundary=---------------------------122499984610046910981719608194
Content-Length: 231

-----------------------------122499984610046910981719608194
Content-Disposition: form-data; name="authenticity_token"

FgGZ+7GZ+jEcOOAoAa0Cx7ExgghWDtxFUe8VWlVyQLU=
-----------------------------122499984610046910981719608194--

Comments and changes to this ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

People watching this ticket

Pages