Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mime: allow duplicate media parameters with equal values #48866

Closed
iredmail opened this issue Oct 8, 2021 · 12 comments
Closed

mime: allow duplicate media parameters with equal values #48866

iredmail opened this issue Oct 8, 2021 · 12 comments
Labels
FrozenDueToAge Proposal Proposal-Accepted Proposal-FinalCommentPeriod
Projects
Proposals (old)
Milestone
Backlog

Comments

@iredmail
Copy link

iredmail commented Oct 8, 2021
edited

[This is a duplicate proposal of #28618, but it's closed due to Timed out in state WaitingForInfo. and doesn't accept further discussion.]

Some mail user agent (MUA) (incorrectly) generates mail header with duplicate parameter names, this is the one i received recently (duplicate boundary):

Content-Type: multipart/alternative; boundary="----RTIR0GV26TDW15Q5CVX979LBL6XN18"; boundary="----RTIR0GV26TDW15Q5CVX979LBL6XN18"

Golang standard library mime.ParseMediaType() does not allow duplicate media parameters so it is impossible to parse such a header (it returns error mime: duplicate parameter name).

I suggest making the mime.ParseMediaType() function more tolerant to such errors, for example, just use the first value and ignore the rest. At least it should not stop the execution if duplicate parameters have the same value.

See also:
@gopherbot gopherbot added this to the Proposal milestone Oct 8, 2021
@ianlancetaylor ianlancetaylor added this to Incoming in Proposals (old) Oct 8, 2021
@rsc
Copy link
Contributor

rsc commented Oct 13, 2021

@iredmail what MUA specifically is generating this kind of message?

/cc @neild

@rsc
Copy link
Contributor

rsc commented Oct 13, 2021

This proposal has been added to the active column of the proposals project
and will now be reviewed at the weekly proposal review meetings.
— rsc for the proposal review group

@rsc rsc moved this from Incoming to Active in Proposals (old) Oct 13, 2021
@iredmail
Copy link
Author

@iredmail what MUA specifically is generating this kind of message?

Unfortunately the email doesn't contain a header like X-Mailer: to identify the MUA program, so i don't know. :(

  • The email was sent on 24 Feb 2020, since we use mime package to parse email message for archiving purpose, it's normal that we need to parse a lot old emails which might be non-RFC-compliant.
  • Email message is easy to forge, and many MUAs (especially email marketing and spamming tools) don't generate standard emails, it's also normal that we receive non-RFC-compliant messages.

@rsc
Copy link
Contributor

rsc commented Oct 20, 2021

It sounds like the proposal is to continue to reject duplicate boundary= parameters but have a special case that if the duplicates all say the same boundary value, then it's OK. There's at least one buggy program generating these, and the intent is at least pretty clear.

Do I have that right?

@iredmail
Copy link
Author

iredmail commented Oct 21, 2021
edited

You're right.

Unlike duplicate parameters with different values, there's no need to judge which one to use as final value, so ideally it should be allowed. :)

Note: ideally it should apply to all duplicate parameters with same value, not just boundary=. :)

@rsc rsc changed the title proposal: mime: handling duplicate media parameters proposal: mime: allow duplicate media parameters with equal values Oct 27, 2021
@rsc rsc moved this from Active to Likely Accept in Proposals (old) Oct 27, 2021
@rsc
Copy link
Contributor

rsc commented Oct 27, 2021

Based on the discussion above, this proposal seems like a likely accept.
— rsc for the proposal review group

@rsc rsc moved this from Likely Accept to Accepted in Proposals (old) Nov 3, 2021
@rsc
Copy link
Contributor

rsc commented Nov 3, 2021

No change in consensus, so accepted. 🎉
This issue now tracks the work of implementing the proposal.
— rsc for the proposal review group

@rsc rsc changed the title proposal: mime: allow duplicate media parameters with equal values mime: allow duplicate media parameters with equal values Nov 3, 2021
@rsc rsc modified the milestones: Proposal, Backlog Nov 3, 2021
@tpaschalis
Copy link
Contributor

I'll take a stab and open a CL for this if it's okay. With a quick look through the RFC, it seems like the the tokens are case-insensitive, but I'm not sure if this is okay for edge-case tokens using different character sets.

@gopherbot
Copy link

Change https://golang.org/cl/363094 mentions this issue: mime: allow duplicate media type parameters with equivalent values

@iredmail
Copy link
Author

Dear @tpaschalis @rsc

Thank you very much. :)

@ianlancetaylor
Copy link
Contributor

Wait, we shouldn't close this issue yet. This now tracks actually implementing the change.

@gopherbot
Copy link

Change https://go.dev/cl/450280 mentions this issue: go1.20: add release notes for archive/zip, encoding/binary, mime

gopherbot pushed a commit that referenced this issue Nov 15, 2022
@neild
doc/go1.20: add release notes for archive/zip, encoding/binary, mime
6df5421 
For #48866
For #54139
For #54801

Change-Id: Iafe72ccc7e756ec1edb5bb7e8e90d385458cff29
Reviewed-on: https://go-review.googlesource.com/c/go/+/450280
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Damien Neil <dneil@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
@golang golang locked and limited conversation to collaborators Nov 14, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge Proposal Proposal-Accepted Proposal-FinalCommentPeriod
Projects
No open projects
Proposals (old)
Accepted
Milestone
Backlog
Development

No branches or pull requests
5 participants
@rsc @iredmail @ianlancetaylor @gopherbot @tpaschalis