Generating multipart boundary

Question

I\'m writing a script that uploads a file to a cgi script that expects a multipart request, such as a form on a HTML page. The boundary is a unique token that a

Answer 1

If you use something random enough like a GUID there shouldn't be any need to hunt through the payload to check for an alias of the boundary. Something like:-

----=NextPart_3676416B-9AD6-440C-B3C8-FC66DDC7DB45
Header:....

Payload
----=NextPart_3676416B-9AD6-440C-B3C8-FC66DDC7DB45--

Answer 2

And for the Swift people (to balance the Java):

func createBoundaryString() -> String {
    var str = ""
    let length = arc4random_uniform(11) + 30
    let charSet = [Character]("-_1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")

    for _ in 0..<length {
        str.append(charSet[Int(arc4random_uniform(UInt32(charSet.count)))])
    }
    return str
}

Answer 3

For Java guys :

protected String generateBoundary() {
             StringBuilder buffer = new StringBuilder();
             Random rand = new Random();
             int count = rand.nextInt(11) + 30; // a random size from 30 to 40
             for (int i = 0; i < count; i++) {
             buffer.append(MULTIPART_CHARS[rand.nextInt(MULTIPART_CHARS.length)]);
             }
             return buffer.toString();
        }

private final static char[] MULTIPART_CHARS =
             "-_1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
                  .toCharArray();

Reference url : http://hc.apache.org/httpcomponents-client-ga/httpmime/xref/org/apache/http/entity/mime/MultipartEntity.html

Answer 4

If you are feeling paranoid, you can generate a random boundary and search for it in the string to be sent, append random char (or re-create new) on find, repeat. But my experience is any arbitrary non-dictionary string of 10 or so characters is about impossible to occur, so picking something like ---BOUNDARY---BOUNDARY---BOUNDARY--- is perfectly sufficient.