tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shanti Suresh <>
Subject Re: [slightly OT] FORM based authentication and utf-8 encoding of credentials
Date Wed, 26 Jun 2013 15:00:47 GMT
Hi Chris,

This is such an interesting discussion.  I am not sure what to make of this
person's comment:

TAXI   2012-10-09 09:03:59 PDT

Wow, no fix since 8 years...

And this is a real bug: If the HTTP header says the file is encoded in
ISO-8859-1 the common way to override this with HTML is:

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

Firefox reads the body in UTF-8 then, which is fine, but the charset
used in forms is still ISO-8859-1, so you have to add
accept-charset="utf-8" to the form just for firefox (other browser
automatically use UTF-8 or send the charset with the content-type).

So: Why the hell is nobody fixing this bug?

So the questions I have are:
(1) Firefox is not properly sending UTF-8 in the POST request even if it
reads the HTML page in UTF-8?  And other browsers are now sending
"charset=utf-8" based on the the HTML META tag?
(2) Firefox has started respecting the accept-charset="utf-8" attribute in
forms now such that it adds charset to the Content-Type header of the POST
request?   I'm confused.  I thought Mozilla was not going to fix  this

Thanks for any clarifications.


On Wed, Jun 26, 2013 at 9:58 AM, Christopher Schultz

> Here's the long-standing bug in Mozilla:
> ...and one referenced from it with better spec-research:
> The bottom line is two specific items:
> 1. Content-Type should only have a "charset" attribute for "text/" types
> 2. Adding "charset" to Content-Type for application/x-form-urlencoded
> has broken some stuff in the past, so Mozilla has chosen not to
> re-enable it
> - -chris

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message