Re: file upload comments

Luke (
Tue, 25 Jul 95 20:07:20 EDT

On Mon, 24 Jul 1995, Larry Masinter wrote:
>Last week, two comments came in about the file upload proposal by
>folks trying to implement it. I think the result is that there will be
>a revised draft; this is to let you know the status:

I somehow missed the discussion. I'll take the liberty to shout:
Content-length should be REQUIRED!!!

>>Hi there, we had a question here about your file upload
>>specification. It does not seem to require a content-length for the
>>POST data which is being sent to the server.
>>In your compatibility section, you discuss implementation of this type
>>of form handler via CGI. In order to work with servers other than NCSA
>>httpd such as CERN httpd and Netsite, the browser must send
>>content-length so the server knows how much data to pass on to the
>>script. The CGI spec implicitly requires content-length in a POST
>>request, and states that the server is only required to send that many
>>bytes to the CGI program on stdin.
>>There's some concern here that your test implementation does not send
>>a content-length. Is this correct? If so, do you plan to make sure
>>your CGI implementation will work with all of today's servers without
>>modifying them to parse the multipart data?
>My reply:
>>I took content-length out of the proposal for the parts of
>>multipart/form-data because of the strong concern of the MIME
>>community that content-length has had serious problems.

What serious problems? It only adds a little DUTY to sender, which is the
ONLY way to let receiver assured that he is not talking to a non-stop

>>The HTTP spec notes that many implementations require content-length
>>when there is a PUT or POST, but in this particular case, where the
>>content-type of the POST is self-delimiting, the content-length should
>>not be required. I suppose, under the spirit of 'be conservative in
>>what you send' it would be better for a real implementation to include
>>content-length, but I was worried about the case where the data in the
>>files being uploaded might change between computation of
>>content-length and the actual data transmission.

Is that so difficult to ensure data being transmitted would not change
between computation of content-length and the actual data transmission?
I don't think so...

>I intend to note this issue in the revised version of the file upload
>draft, but I don't think the HTML part of the specification will

Oh Please! Content-length should be required in all MIME type data
transmissions. There should be NO EXCEPTIONS!