Securely upload files to a Remote Server using JAVA client code - Part 1


You would fire a HTTP or HTTPS request to a Remote Server (HTTP) to send data. Sending JSON data / XML data is different than sending file data.
A HTTP multipart request is a HTTP request that HTTP clients construct to send files and data over to a HTTP Server. It is commonly used by browsers and HTTP clients to upload files to the server.

Let me explain how a browser encodes an html form before sending to server.

When you a select a file to be uploaded via a browser, it creates a multipart (Multiple Parts) request which consists of file content and other supporting information like filesize, boundary string, content type, additional parameters etc. Instead of URL encoding the form parameters, the form parameters (including the file data) are sent as sections in a multipart document in the body of the request.

Here's what a Multipart Request looks like (Firebug View):



Transfer-Encoding chunked:
Chunked transfer encoding is a data transfer mechanism in which data is sent in a series of "chunks".

Content-Type     multipart/form-data; boundary=---------------------------204472851627279345251768965
The Content-Type "multipart/form-data" specifies how the form data set is encoded. Form-data is a sequence of "name / value" pairs defined inside 'form' section. Boundary is just random unique string used to mark separation between different form-data sequences. Let me show you what I mean:

Post Data:

For example in the above form, data set is:
name=filename
value=color-scheme-6656-main.png

name=filePath
value=lib/

name=uploadedfiles[]
value=binary encode filecontent, which is a image file

The encoding "multipart/form-data" says, message contains a series of parts each part contains a name-value pair in the "form data set". Each part is separated using the "boundary" string and is specified in the below format:

// New line
// New line
--<value-of-boundary>
Content-Disposition: form-data; name="<control-name>" [filename="name-of-the-file-if-control-is-file"]
[Content-Type: <The-content-type-of-the-uploded-file-if-control-is-file>]
// New line
Actual file content either as clear text of binary data depending on file type
// New line
// New line

After all parts have been added to the request body, we need to indicate the end of all parts with a string that is formed by appending and prep-ending the boundary attribute by two dashes (--). For example it is ---------------------------204472851627279345251768965-- as show in the last red box of the above screenshot.
Once the request is ready & fired with all the above data, the receiver (server) will analyse all the information from the request and should be able to save the file will all the content intact.

1 comment: Leave Your Comments

  1. Hi Piyush. Thanks for coming up with this article. Been using multipart but never thought of why it is different. Very well written. Can you clarify one thing how would response would look like if suppose file is of size in GBs. Is there any catch ?

    ReplyDelete

+