分段上传表单：订单有保证吗？

发布于 2024-12-05 04:26:25 字数 1041 浏览 1 评论 0原文

看来，当我使用 html 表单发出“Content-Type: multipart/form-data”POST 请求时，字段始终按照 HTML 中列出的顺序显示。实际上，所有浏览器都这样做吗？

想知道这一点的主要动机是这样我就可以对表单数据进行服务器端验证，而不需要将整个 HTTP 请求缓存在 RAM 中 |首先是磁盘。

我知道 CGI、PHP 等通常在上传完成之前不会执行任何操作。可能是因为 RFC 2388 第 5.5 节通过说未定义顺序来解决此问题。我正在使用高度定制的 thttpd 分支，并使用服务器中内置的 C 代码处理上传。所以我不在乎大多数服务器做什么。

我想知道的是，如果我冒着风险承担一项命令，我会因为这种假设而受伤吗？

以此形式为例：

  <form id="formUpload"
        target = "uploadTarget"
        method = "post"
        action = "/bin/upload"
        enctype= "multipart/form-data" >
    <input type="hidden" id="inUser" name="user" />
    <input type="hidden" id="inDest" name="dest"/>
    <input type="file" id="inFile" name="file" />
    <input type="button" value="Upload" onclick="uploadFile();" />
    <iframe id="uploadTarget" name="uploadTarget" src="" style="width:0;height:0;border:0px"/>
  </form>

'uploadFile()' 函数将填写用户名和密码。调用submit()之前的dest字段。我想验证用户和dest 服务器端也是如此，在 recv() 处理整个 HTTP 请求正文之前。

原文

It appears that when I use an html form to make a "Content-Type: multipart/form-data" POST request, the fields always appear in the order in which they are listed in the HTML. In practice, do all browsers do this?

The primary motivation for wanting to know this is so I can do server-side validation of form data w/o being required to cache the entire HTTP request in RAM | disk first.

I know CGI, PHP, etc typically won't do anything 'til the upload completes. Probably because RFC 2388 section 5.5 addresses this issue by saying the order is not defined. I'm working w/ a highly customized fork of thttpd and handling the upload w/ C code built right into the server. So I don't care what most servers do.

What I want to know, is if I go out on a limb and assume an order, will I get burned by that assumption?

Take this form for example:

  <form id="formUpload"
        target = "uploadTarget"
        method = "post"
        action = "/bin/upload"
        enctype= "multipart/form-data" >
    <input type="hidden" id="inUser" name="user" />
    <input type="hidden" id="inDest" name="dest"/>
    <input type="file" id="inFile" name="file" />
    <input type="button" value="Upload" onclick="uploadFile();" />
    <iframe id="uploadTarget" name="uploadTarget" src="" style="width:0;height:0;border:0px"/>
  </form>

The 'uploadFile()' function will fill in the user & dest fields before invoking submit(). I would like to validate user & dest server side as well, before recv()-ing the entire HTTP request body.

分享到QQ

分享到微博