FileField and semi-colon

Chaiwat Suttipongsakul

Oct 2, 2007, 7:02:35 AM
to django-d...@googlegroups.com, f...@bashell.com, aji...@bashell.com, natt...@hotmail.com, prote...@yahoo.com
Dear All,

Django can't handle a file with ';' in its filename correctly. In django/http/__init__.py, function parse_file_upload (trunk):

def parse_file_upload(header_dict, post_data):
    "Returns a tuple of (POST QueryDict, FILES MultiValueDict)"
    import email, email.Message
    from cgi import parse_header
    raw_message = '\r\n'.join(['%s:%s' % pair for pair in header_dict.items()])
    raw_message += '\r\n\r\n' + post_data
    msg = email.message_from_string(raw_message)
    POST = QueryDict('', mutable=True)
    FILES = MultiValueDict()
    for submessage in msg.get_payload():
        if submessage and isinstance(submessage, email.Message.Message):
            name_dict = parse_header(submessage['Content-Disposition'])[1]

It imports parse_header from the cgi module (example from python-2.5):
def parse_header(line):
    """Parse a Content-type like header.

    Return the main content-type and a dictionary of options.

    """
    plist = [x.strip() for x in line.split(';')]
    key = plist.pop(0).lower()
    pdict = {}
    for p in plist:
        i = p.find('=')
        if i >= 0:
            name = p[:i].strip().lower()
            value = p[i+1:].strip()
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]
                value = value.replace('\\\\', '\\').replace('\\"', '"')
            pdict[name] = value
    return key, pdict

This function implicitly splits on ';', which will not work correctly for a filename that has ';' as part of its name.
Should the browser escape ';' in the filename before upload, or should we do it at the application level or framework level, or should I report this bug to Python mainstream?

Regards,
Chaiwat.S
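
The behaviour described in the post above, as an added example that is not part of the original message and is not Django or Python standard-library code: naive_params mirrors the split-on-every-';' logic quoted from parse_header, and quote_aware_params splits only outside double quotes. The function names and the sample header are constructed for illustration; the quote-aware version assumes a backslash inside quotes escapes the next character.

```python
def _to_dict(params):
    """Turn 'key=value' pieces into a dict, unquoting values as the quoted code does."""
    pdict = {}
    for p in params:
        name, sep, value = p.partition('=')
        if not sep:
            continue  # a fragment without '=' is silently dropped
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1].replace('\\\\', '\\').replace('\\"', '"')
        pdict[name.strip().lower()] = value
    return pdict

def naive_params(line):
    """Split on every ';', including one inside a quoted filename."""
    parts = [x.strip() for x in line.split(';')]
    return parts[0].lower(), _to_dict(parts[1:])

def split_outside_quotes(line):
    """Split on ';' only when it is not inside a double-quoted string."""
    parts, buf, in_quotes, escaped = [], [], False, False
    for ch in line:
        if escaped:
            escaped = False            # character after a backslash is literal
        elif ch == '\\' and in_quotes:
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == ';' and not in_quotes:
            parts.append(''.join(buf).strip())
            buf = []
            continue
        buf.append(ch)
    parts.append(''.join(buf).strip())
    return parts

def quote_aware_params(line):
    """Same output shape as naive_params, but keeps ';' inside quoted values."""
    parts = split_outside_quotes(line)
    return parts[0].lower(), _to_dict(parts[1:])

# Constructed sample: Content-Disposition for an upload named "report;final.txt"
SAMPLE = 'form-data; name="upload"; filename="report;final.txt"'

if __name__ == '__main__':
    print(naive_params(SAMPLE))        # filename comes back truncated
    print(quote_aware_params(SAMPLE))  # filename comes back intact
```

With the naive split, the filename the server records differs from the one the client sent, so any extension or name check on the server runs against the truncated value.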