Jorge wrote:
On Mon, Apr 07, 2008 at 02:26:14PM +0000, corvid wrote:
a_Url_encode_hex_str() needed to accept a Dstr* because it is not illegal to use url encoding on a file. Maybe a situation that'll never happen, but then again, it's easy to leave off enctype.
In that case the behaviour is not specified.
i.e. (from http://www.ietf.org/rfc/rfc1867.txt):
5.8 File transfer with ENCTYPE=x-www-form-urlencoded
If a form contains <INPUT TYPE=file> elements but does not contain an ENCTYPE in the enclosing <FORM>, the behavior is not specified. It is probably inappropriate to attempt to URN-encode large quantities of data to servers that don't expect it.
(However, Firefox -- as if it's any authority on anything, but still -- doesn't send file contents for URL encoded forms. It just sends the filename.)
Probably is not a bad idea to follow this lead or investigate a bit further on what IE, Safari or Opera do, and then decide.
At least, I'd feel more comfortable with a file-size limit for both GET&POST, thus avoiding Dillo to exit because it can't allocate enough memory for sending a huge file.
Ohh... I thought RFC 1867 was just an old version of RFC 2388 (Returning Values from Forms: multipart/form-data), so I never looked at it. I'd prefer not to send the file at all if we don't have to.