mime: properly check Content-Type even if it has parameters

New test 669 checks this fix is effective.

Fixes #5256
Closes #5258
Reported-by: thanhchungbtc on github

3 files changed, 84 insertions, 3 deletions

diff --git a/lib/mime.c b/lib/mime.c
index b72732310..e13d92e94 100644
--- a/lib/mime.c
+++ b/lib/mime.c
@@ -1778,6 +1778,23 @@ const char *Curl_mime_contenttype(const char *filename)
   return NULL;
 }
 
+static bool content_type_match(const char *contenttype, const char *target)
+{
+  size_t len = strlen(target);
+
+  if(contenttype && strncasecompare(contenttype, target, len))
+    switch(contenttype[len]) {
+    case '\0':
+    case '\t':
+    case '\r':
+    case '\n':
+    case ' ':
+    case ';':
+      return TRUE;
+    }
+  return FALSE;
+}
+
 CURLcode Curl_mime_prepare_headers(curl_mimepart *part,
                                    const char *contenttype,
                                    const char *disposition,
@@ -1829,7 +1846,7 @@ CURLcode Curl_mime_prepare_headers(curl_mimepart *part,
       boundary = mime->boundary;
   }
   else if(contenttype && !customct &&
-          strcasecompare(contenttype, "text/plain"))
+          content_type_match(contenttype, "text/plain"))
     if(strategy == MIMESTRATEGY_MAIL || !part->filename)
       contenttype = NULL;
 
@@ -1905,7 +1922,7 @@ CURLcode Curl_mime_prepare_headers(curl_mimepart *part,
     curl_mimepart *subpart;
 
     disposition = NULL;
-    if(strcasecompare(contenttype, "multipart/form-data"))
+    if(content_type_match(contenttype, "multipart/form-data"))
       disposition = "form-data";
     for(subpart = mime->firstpart; subpart; subpart = subpart->nextpart) {
       ret = Curl_mime_prepare_headers(subpart, NULL, disposition, strategy);
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index aa2883929..aabe1e6d9 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -87,7 +87,7 @@ test626 test627 test628 test629 test630 test631 test632 test633 test634 \
 test635 test636 test637 test638 test639 test640 test641 test642 \
 test643 test644 test645 test646 test647 test648 test649 test650 test651 \
 test652 test653 test654 test655 test656 test658 test659 test660 test661 \
-test662 test663 test664 test665 test666 test667 test668 \
+test662 test663 test664 test665 test666 test667 test668 test669 \
 test670 test671 test672 test673 \
 \
 test700 test701 test702 test703 test704 test705 test706 test707 test708 \
diff --git a/tests/data/test669 b/tests/data/test669
new file mode 100644
index 000000000..aaae2c51d
--- /dev/null
+++ b/tests/data/test669
@@ -0,0 +1,64 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP POST
+HTTP MIME POST
+HTTP FORMPOST
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.0 200 OK swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+
+blablabla
+
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP custom Content-Type with parameter
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/we/want/669 -H 'Content-type: multipart/form-data; charset=utf-8' -F name=daniel -F tool=curl
+</command>
+</file>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<strippart>
+s/^--------------------------[a-z0-9]*/------------------------------/
+s/boundary=------------------------[a-z0-9]*/boundary=----------------------------/
+</strippart>
+<protocol>
+POST /we/want/669 HTTP/1.1

+User-Agent: curl/7.10.4 (i686-pc-linux-gnu) libcurl/7.10.4 OpenSSL/0.9.7a ipv6 zlib/1.1.3

+Host: %HOSTIP:%HTTPPORT

+Accept: */*

+Content-Length: 242

+Content-Type: multipart/form-data; charset=utf-8; boundary=----------------------------

+

+------------------------------

+Content-Disposition: form-data; name="name"

+

+daniel

+------------------------------

+Content-Disposition: form-data; name="tool"

+

+curl

+--------------------------------

+</protocol>
+</verify>
+</testcase>