Page MenuHomePhabricator

Support file attachments on HTTPSFuture
ClosedPublic

Authored by epriestley on Apr 21 2014, 6:40 PM.
Tags
None
Referenced Files
F14033750: D8831.diff
Sat, Nov 9, 7:48 PM
F13994103: D8831.diff
Wed, Oct 23, 3:50 AM
F13983256: D8831.id20953.diff
Sun, Oct 20, 5:07 AM
F13968530: D8831.id20954.diff
Wed, Oct 16, 9:42 PM
F13964741: D8831.id.diff
Tue, Oct 15, 9:42 PM
Unknown Object (File)
Oct 9 2024, 1:42 PM
Unknown Object (File)
Oct 4 2024, 8:39 PM
Unknown Object (File)
Oct 4 2024, 8:36 PM
Subscribers

Details

Summary

@zeeg wants this for some build stuff and we'd like it in general to make Mailgun work better. It's a bit messy because of how cURL works. See pages of comments inline.

Test Plan
  • Added tests for the parser stuff.
  • Made various requests with and without file attachments and saw them encode data as expected.
  • Made some dangerous requests (with "@") and saw them fail.

Diff Detail

Repository
rPHU libphutil
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley retitled this revision from to Support file attachments on HTTPSFuture.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
epriestley added a subscriber: zeeg.
  • Handle mime types and file names; use CURLFile if available.
btrahan edited edge metadata.

Are we locked into supporting certain PHP versions? Diff had me wondering.

This revision is now accepted and ready to land.Apr 21 2014, 9:26 PM

We don't formally support PHP before 5.2.3, but we don't have a hard kill for earlier versions in libphutil (we do in Phabricator).

I think the major risk here is someone including the library, or copy/pasting the code, or using it as a reference to implement something similar. In most cases, if you do that and run on an old PHP you get a nonfunctional feature which is broken in an obvious way (e.g., missing function or something like that), but in this case you'd get a gaping security hole. The two lines of cruft feel kind-of-okayish to me given the extreme badness of not doing the check.

epriestley updated this revision to Diff 20961.

Closed by commit rPHU159b5065d9d4 (authored by @epriestley).