https://github.com/rack/multifail

The Rather Large Multipart Test Suite
https://github.com/rack/multifail

Last synced: 5 months ago
JSON representation

The Rather Large Multipart Test Suite

• Host: GitHub
• URL: https://github.com/rack/multifail
• Owner: rack
• License: apache-2.0
• Created: 2014-08-03T19:23:10.000Z (almost 12 years ago)
• Default Branch: master
• Last Pushed: 2019-11-15T20:44:17.000Z (over 6 years ago)
• Last Synced: 2025-05-30T16:37:30.501Z (about 1 year ago)
• Language: HTML
• Homepage:
• Size: 170 KB
• Stars: 8
• Watchers: 3
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.txt

Awesome Lists containing this project

README

          
The Rather Large Multipart Test Suite

=====================================

The purpose of this test suite is to generate a corpus of data that can be used

to validate http servers / applications ability to parse multipart/form-data.

The present goal is not to provde/disprove "accuracy to specification", as no

specification for this protocol is ratified. The goal is to collect samples for

as many edge cases as possible, such that a robust parser can be validated to

a reasonable level of confidence.

Only a very minimal effort has been taken to try to keep this test suite small.

The goal is to attempt to collect data reliably, not (yet) to minimize the work

that implementors need to do. It is very likely that many of the resultant

samples (for example most versions of a browser from a single vendor) will be

protocol-identical. Before doing these tests, this cannot be easily proven,

particularly for closed source browsers.

Background

----------

I've been maintaining Rack for some years, and over those years I have found

that multipart is a bit of a crapshoot. Some Good Folk at w3c are trying to do

similar work (e.g. https://github.com/masinter/multipart-form-data), but not

with the same level of coverage to date. I plan to provide them with this data,

and/or resultant summaries.

Method

------

There are a lot of cases that are known to cause troubles in multipart forms,

each case will be tested in combination with other cases:

 * Different page character sets

 * Different form character sets

 * Single non-file fields

 * Single file fields

 * Multiple non-file fields

 * Multiple file fields

 * Single & multiple "multiple" file fields

 * Fields both filled in and not filled in

 * Content-Types: use known and unknown extensions

 * File names: plain names, reserved chars, 8 bit chars

 * Field names: plain names, reserved chars, 8 bit chars

There are several components (likely more, as this README may fall out of date):

 * dumper.go: this is a simple httpd that will be used for the tests. It serves

   up index.html, files from files/, files from tests/. When it recieves a POST

   to /dump/..., it will record the HTTP request data into a file named after

   the User-Agent header (URI escaped).

 * maketests.rb: this is a naive script that generates test html files in

   specific encodings, with particular form fields, etc. It also generates the

   files to be uploaded in files/.

Directories:

 * /dump/... : contains the results of browser uploads for each use case.

 * /tests/... : contains html files that should be filled out for each browser

   and submitted to produce dumps.

 * /files/... : contains files for uploading.

Results

-------

...

Copyright & License

-------------------

2014 (c) Google, Inc.

Apache 2. See LICENSE.txt.

This is NOT an official Google product.