• 
  
    
 
    
 
    

    



    
    
    
    
     
    




    
 
    

  
    



    
 

 

  

  

 

    


  
    





    
 
    



  

    
 
 
    
  
    Don't trust the browser-provided mimetype if it looks bogus.
    
 
    

    



 
    
 
    

  Review Request #6118
  —
  Created July 19, 2014 and submitted 

 
    


    




    




    




 
    
  
    
   Information

  
    



    
 
 
    
  david
 
    

    





    
 
 
    
  Review Board
 
    

    





    
 
 
    
  release-2.0.x
 
    

    





    
 
 
    
  3427
 
    

    





    
 
 
    
  
 
    

    





    
 
 
    
  d1d8ec2...
 
    

    



 
    



 
    
  
    
   Reviewers

  
    



    
 
 
    
  reviewboard
 
    

    





    
 
 
    
  
 
    

    



 
    



    


    
 
    




  

    
 
 
    
  
    A user was reporting that their PDF file uploads were being assigned the
    
mimetype of "text/text/application/pdf", which is completely bogus. If
    
splitting on '/' produces anything other than a list of two strings, don't
    
allow it to proceed.
    
 
    

    





  

    
 
 
    
  
    Ran unit tests.
    
 
    

    




 
    

    





    
 
    









 





    
 
 
 
    
  
    
   
    
    
    
     
    
    
    
      
     
    • 
      
     
      • 
     
    • 
      
     
      • 
     
    • 
      
     
      • 
     
    • 
      
     
      • 
     
    • 
      
     
      • 
    
    
   
    
   
    
    
     
    
      Description
      From
      Last Updated
     
    
        
    



     
    
      
       
       
    Shouldn't this be blah.split('/') != 2, instead of using not .. ==?
    
          		
      
       chipx86chipx86
      
      
       
      
     
    



     
    
      
       
       
    Can we add a comment above this conditional talking about this, and referencing the bug? It's obscure enough that I …
    
          		
      
       chipx86chipx86
      
      
       
      
     
    

        
   
    
  
    
 
    

    




 
    

    



  
    
 
    

    


    


 













    
 





 
    
  
    
   
    



reviewbot




   
    
   
    



    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
reviewbot


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      Tool: PEP8 Style Checker
Processed Files:
    reviewboard/attachments/forms.py



Tool: Pyflakes
Processed Files:
    reviewboard/attachments/forms.py


      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 















    2. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 


    

  
    
 
    

    












    
 





 
    
  
    
   
    



chipx86




   
    
   
    





    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
chipx86


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 

















    2. 
 
      
  
  
      
  
 
      
  
      
   
      
    
     
      
      
       reviewboard/attachments/forms.py
       


        (Diff revision 1)


       
      
     
      
          
    
     
       
      

     
       
      

          
   
      
  
      
 
      

   
      
    
    




      
 
      
  
  
  

  
  
   Show all issues
  
 
      

      



    
      Shouldn't this be blah.split('/') != 2, instead of using not .. ==?
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 




    3. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      4. 


    

  
    
 
    

    












    
 



 
    
  
    
   
    



david




   
    
   
    
  
    
 
    


 

    












    
 





 
    
  
    
   
    



reviewbot




   
    
   
    



    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
reviewbot


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      Tool: PEP8 Style Checker
Processed Files:
    reviewboard/attachments/forms.py



Tool: Pyflakes
Processed Files:
    reviewboard/attachments/forms.py


      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 















    2. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 


    

  
    
 
    

    












    
 





 
    
  
    
   
    



chipx86




   
    
   
    





    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
chipx86


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 

















    2. 
 
      
  
  
      
  
 
      
  
      
   
      
    
     
      
      
       reviewboard/attachments/forms.py
       


        (Diff revision 2)


       
      
     
      
          
    
     
       
      

     
       
      

          
   
      
  
      
 
      

   
      
    
    




      
 
      
  
  
  

  
  
   Show all issues
  
 
      

      



    
      Can we add a comment above this conditional talking about this, and referencing the bug? It's obscure enough that I think it's worth calling out.
      

      (I'm still a bit skeptical that browsers would be sending such a broken mimetype, but it doesn't hurt to have this I suppose.)
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 




    3. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      4. 


    

  
    
 
    

    












    
 



 
    
  
    
   
    



david




   
    
   
    
  
    
 
    


 

    












    
 





 
    
  
    
   
    



reviewbot




   
    
   
    



    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
reviewbot


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      Tool: PEP8 Style Checker
Processed Files:
    reviewboard/attachments/forms.py



Tool: Pyflakes
Processed Files:
    reviewboard/attachments/forms.py


      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 















    2. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 


    

  
    
 
    

    












    
 





 
    
  
    
   
    



chipx86




   
    
   
    





    
  
    
 
    


 
    
  
    

   
    
   
    
    
     
chipx86


    
    
   
    

  
    
  
    
  
    


      




    1. 
 
      
  
      
   
      Ship It!
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      2. 















    2. 
 
      
  
      
   
      
  
      
 
      

 
      
  


      
 
      
 
        

  

 
      


      

 
      

      3. 


    

  
    
 
    

    












    
 



 
    
  
    
   
    



david




   
    
   
    
  
    
 
    


 
    
  
    

   
    
   
    
    
     Review request changed
    
    
   
    

  
    
  
    
  
    




    

  
    
   
    
    Status:
   
    
   
    

    Completed

   
    
  
    



  
    
   
    
    Change Summary:
   
    
   
    
    
    Pushed to release-2.0.x (928eb49)