Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why not always use enctype="multipart/form-data"?

When building HTML forms why do we not always use enctype="multipart/form-data"?

like image 768
sneeu Avatar asked Jun 24 '09 15:06

sneeu


People also ask

When must we use the attribute Enctype multipart form data?

Multipart form data: The ENCTYPE attribute of <form> tag specifies the method of encoding for the form data. It is one of the two ways of encoding the HTML form. It is specifically used when file uploading is required in HTML form. It sends the form data to server in multiple parts because of large size of file.

What is the purpose of Enctype in form?

The enctype attribute specifies how the form-data should be encoded when submitting it to the server. Note: The enctype attribute can be used only if method="post" .

Is multipart form data secure?

Our security department, recently, informed us we should stop and avoid to use the content type 'multipart/form-data' in order to send a file to a web server, because it is not considered 'safe'.

What is Enctype multipart?

enctype(ENCode TYPE) attribute specifies how the form-data should be encoded when submitting it to the server. multipart/form-data is one of the value of enctype attribute, which is used in form element that have a file upload. multi-part means form data divides into multiple parts and send to server.


2 Answers

multipart/form-data is a lot bulkier than application/x-www-form-urlencoded; the latter is just a bunch of keys and values (and can be parsed the same way whether for GET or POST), whereas the former requires full MIME support, and is thus more useful when you have data that can't simply be represented as key/value pairs.

like image 52
Chris Jester-Young Avatar answered Oct 24 '22 09:10

Chris Jester-Young


Because it's a pain to handle, both on the server and in custom clients. Simple is better than complicated, unless simple just doesn't work.

like image 7
Hank Gay Avatar answered Oct 24 '22 11:10

Hank Gay