Apache Commons logo Commons FileUpload

Apache Commons FileUpload Release Notes

Release History

Version Date Description
2.0.0-M2 2023-12-24 2.0.0-M2 Release
2.0.0-M1 2023-07-14 2.0.0-M1 Release
1.5 2023-02-01 1.5 Release
1.4 2018-12-23 1.4 Release
1.3.3 2017-06-13 Bugfix release for 1.3.3
1.3.2 2016.05-26 Bugfix release for 1.3.1
1.3.2 2014-02-07 This is a security and maintenance release that includes an important security fix as well. Compared to 1.3.1, no other changes have been made.
1.3.1 2014-02-07 This is a security and maintenance release that includes an important security fix as well as a small number of bugfixes.
1.3 2013-03-27 maintenance release, JDK1.5 update
1.2.2 2010-07-29  
1.2.1 2008-01-18  
1.2 2007-02-13  
1.1.1 2006-06-08 Bugfix release
1.1 2005-12-24 Portlet support, substantial refactoring and numerous bug fixes
1.0 2003-06-26 Initial release

Release 2.0.0-M2 – 2023-12-24

Type Changes By
Add Fix off-by-one error when checking fileSizeMax in FileItemInputImpl #235. Thanks to James Reeves. ggregory
Add NullPointerException in DiskFileItem#toString. Fixes FILEUPLOAD-352. Thanks to Björn Kautler, Gary Gregory. ggregory
Add Fail fast on null inputs to org.apache.commons.fileupload2.core.AbstractRequestContext.AbstractRequestContext(Function, LongSupplier, T). Thanks to Gary Gregory. ggregory
Add Complete refactoring in JakartaServletRequestContext. Thanks to Gary Gregory. ggregory
Add Fix "Implicit narrowing conversion in compound assignment" from https://github.com/apache/commons-fileupload/security/code-scanning/118. Thanks to Gary Gregory. ggregory
Fix Pick up Maven Moditect plugin version from parent POM. Thanks to Gary Gregory. ggregory
Add Refactor to support Jakarta Servlet 5 and 6. Thanks to Gary Gregory. ggregory
Add Generate some OSGi metadata. Thanks to Michal H Siemaszko, Gary Gregory. ggregory
Update Bump Java from 8 to 11. Thanks to Dependabot. ggregory
Update Bump commons-parent from 58 to 65. Thanks to Gary Gregory. ggregory
Update Bump commons-lang3 from 3.12.0 to 3.14.0. Thanks to Gary Gregory. ggregory
Update Bump commons-io from 2.13.0 to 2.15.1. Thanks to Gary Gregory. ggregory

Release 2.0.0-M1 – 2023-07-14

Type Changes By
Fix Changing Maven coordinates, and package name, due to binary incompatible changes. jochen
Fix DiskFileItem.write(File) had been changed to use FileUtils.moveFile internally, preventing an existing file as the target. Fixes FILEUPLOAD-293. jochen
Fix Performance gains by reusing an internal buffer. Fixes FILEUPLOAD-296. Thanks to David Georg Reochelt. jochen
Fix RFC 5987 compliance. Fixes FILEUPLOAD-274. Thanks to Merbin J Anselm. jochen
Fix Slight optim: resuse the index position instead of recomputing it #49. Thanks to Emmanuel Lécharny. ggregory
Fix Make commons-fileupload2 a JPMS module by adding module-info.class. Fixes FILEUPLOAD-340. mgrigorov
Fix Move Exception classes out of the impl package. Fixes FILEUPLOAD-341. Thanks to Martin Grigorov. jochen
Fix Rework exceptions to use propagated exception causes (introduced in Java 1.4). Thanks to Gary Gregory. ggregory
Fix All custom exception extend FileUploadException. Thanks to Gary Gregory. ggregory
Fix All custom exceptions serialVersionUID value is now 2. Thanks to Gary Gregory. ggregory
Fix FileUploadByteCountLimitException ctor switches fileName and fieldName parameters #216. Fixes FILEUPLOAD-350. Thanks to Ernesto Reinaldo Barreiro. ggregory
Fix [StepSecurity] ci: Harden GitHub Actions #224. Thanks to step-security-bot, Gary Gregory. ggregory
Add Add github/codeql-action from #144. Thanks to Gary Gregory. ggregory
Add Add the package org.apache.fileupload2.jaksrvlt, for compliance with Jakarta Servlet API 5.0. jochen
Add Making FileUploadException a subclass of IOException. (Mibor API simplification.) jochen
Add Add a configurable limit (disabled by default) for the number of files to upload per request. markt
Remove Remove deprecated constructors in MultipartStream. Thanks to Gary Gregory. ggregory
Remove Remove deprecated RequestContext.getContentLength(). Thanks to Gary Gregory. ggregory
Remove Remove deprecated JakSrvltRequestContext.getContentLength(). Thanks to Gary Gregory. ggregory
Remove Remove deprecated PortletRequestContext.getContentLength(). Thanks to Gary Gregory. ggregory
Remove Remove deprecated ServletRequestContext.getContentLength(). Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.MAX_HEADER_SIZE. Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.createItem(Map, boolean). Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.getFieldName(Map). Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.getFileName(Map). Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.getHeader(Map, String). Thanks to Gary Gregory. ggregory
Remove Remove deprecated FileUploadBase.parseHeaders(String). Thanks to Gary Gregory. ggregory
Remove Replace org.apache.commons.fileupload2.util.mime.Base64Decoder with java.util.Base64. Thanks to Gary Gregory. ggregory
Remove Replace LimitedInputStream with BoundedInputStream. Thanks to Gary Gregory. ggregory
Remove FileItemHeadersImpl is no longer Serializable. Thanks to Gary Gregory. ggregory
Remove Reuse Java's InvalidPathException instead of the custom InvalidFileNameException. Thanks to Gary Gregory. ggregory
Update Bump actions/cache from 2.1.6 to 3.0.8 #128, #140. Thanks to Dependabot, Gary Gregory. ggregory
Update Bump actions/checkout from 2.3.4 to 3.0.2 #125. Thanks to Dependabot, Gary Gregory. ggregory
Update Bump build actions/setup-java from 1.4.3 to 3.8.0 #142, #175, #180, #182. Thanks to Gary Gregory. ggregory
Update Bump Java compiler level to 1.8. jochen
Update Bump commons-io:commons-io 2.6 to 2.13.0, #104, #221. Thanks to Gary Gregory, Dependabot. ggregory
Update Bump junit-jupiter from 5.5.2 to 5.9.1 #31, #130, #156, #166. Thanks to Dependabot. ggregory
Update Bump maven-pmd-plugin from 3.13.0 to 3.19.0 #48, #162. Thanks to Dependabot. ggregory
Update Bump commons.japicmp.version from 0.13.0 to 0.16.0. Thanks to Gary Gregory. ggregory
Update Bump spotbugs-maven-plugin from 4.2.3 to #103, #133, #141, #146, #155, #163, #179. Thanks to Dependabot. ggregory
Update Bump spotbugs from 4.2.3 to 4.7.3, ignore EI_EXPOSE_REP, and EI_EXPOSE_REP2, #152, #161, #174. Thanks to Dependabot. jochen
Update Bump biz.aQute.bndlib from 6.0.0 to 6.4.0 #129, #181. Thanks to Dependabot. ggregory
Update Bump commons-parent from 52 to 58, #167, #183, #194. Thanks to Gary Gregory, Dependabot. ggregory
Update Bump maven-checkstyle-plugin from 3.1.2 to 3.2.0 #160. Thanks to Dependabot. ggregory

Release 1.5 – 2023-02-01

No changes in this release.

Release 1.4 – 2018-12-23

Type Changes By
Update Don't create un-needed resources in FileUploadBase.java. Fixes FILEUPLOAD-292. chtompki
Update Upversion complier.source, compiler.target to 1.6. Fixes FILEUPLOAD-282. chtompki
Fix DiskFileItem#write() could lose original IO exception. Fixes FILEUPLOAD-252. tn
Fix DiskFileItem#getStoreLocation() wrongly returned a File object for items stored in memory. Fixes FILEUPLOAD-258. tn
Fix FileUploadBase - should not silently catch and ignore all Throwables. Fixes FILEUPLOAD-242. tn
Fix Fix Javadoc 1.8.0 errors. Fixes FILEUPLOAD-257. tn
Fix Fix section "Resource cleanup" of the user guide. Fixes FILEUPLOAD-234. tn
Fix Fix streaming example: use FileItem.getInputStream() instead of openStream(). Fixes FILEUPLOAD-237. tn
Fix DiskFileItem might suppress critical IOExceptions on rename - use FileUtil.move instead. Fixes FILEUPLOAD-248. ecki
Fix DiskFileItem#getTempFile() is broken. Fixes FILEUPLOAD-251. sebb
Fix FileUploadBase - potential resource leak - InputStream not closed on exception. Fixes FILEUPLOAD-250. sebb
Fix DiskFileItem.readObject fails to close FileInputStream. Fixes FILEUPLOAD-244. sebb
Update FileUpload should use IOUtils.closeQuietly where relevant. Fixes FILEUPLOAD-246. sebb
Fix DiskFileItem.get() may not fully read the data. Fixes FILEUPLOAD-245. sebb
Update Make some MultipartStream private fields final. Fixes FILEUPLOAD-243. Thanks to Ville Skyttä. sebb
Add Site: added security report ecki
Unknown Improve performance for large multi-part boundaries Thanks to Felix Schumacher. markt
Unknown Added the default character set to the DiskFileItem. Fixes FILEUPLOAD-286. Thanks to maxxedev. jochen
Unknown Avoid using File.exists() on temporary files, if we know that the file has been created. Fixes FILEUPLOAD-288. Thanks to fangwentong. jochen
Unknown Added .travis.yml, to fix build issues on Github. Thanks to Pascal Schumacher. jochen

Release 1.3.3 – 2017-06-13

Type Changes By
Fix DiskDileItem can actually no longer be deserialized, unless a system property is set to true. Fixes FILEUPLOAD-279. jochen

Release 1.3.2 – 2016.05-26

Type Changes By
Update SECURITY - CVE-2016-3092. Performance Improvement in MultipartStream. Fixes FILEUPLOAD-272. jochen

Release 1.3.2 – 2014-02-07

Type Changes By
Fix SECURITY - CVE-2016-3092. Specially crafted input can trigger a DoS, if the size of the MIME boundard is close to the size of the buffer in MultipartStream. (Similar to CVE-2014-0050.) jochen

Release 1.3.1 – 2014-02-07

Type Changes By
Fix SECURITY - CVE-2014-0050. Specially crafted input can trigger a DoS if the buffer used by the MultipartStream is not big enough. When constructing MultipartStream enforce the requirements for buffer size by throwing an IllegalArgumentException if the requested buffer size is too small. This prevents the DoS. markt
Fix When deserializing DiskFileItems ensure that the repository location, if any, is a valid one. Thanks to Arun Babu Neelicattu. markt
Fix Correct example in usage documentation so it compiles. markt

Release 1.3 – 2013-03-27

Type Changes By
Fix SECURITY - CVE-2013-0248. Update the Javadoc and documentation to make it clear that setting a repository is required for a secure configuration if there are local, untrusted users. markt
Update Update the project tree dirs according to default Maven conventions. Fixes FILEUPLOAD-216. simonetripodi
Update drop JDK1.3 support and update to Java5. Fixes FILEUPLOAD-217. simonetripodi
Update Update version in POM. Fixes FILEUPLOAD-218. simonetripodi
Update upgrade tests to JUnit 4. Fixes FILEUPLOAD-219. simonetripodi
Update replace package.html with package-info.java. Fixes FILEUPLOAD-220. simonetripodi
Update FileItemHeadersImpl can now use LinkedHashMap. Fixes FILEUPLOAD-221. simonetripodi
Update Mark @deprecated classes/methods with @Deprecated annotation. Fixes FILEUPLOAD-222. simonetripodi
Fix Base64Decoder doesn't correctly implement RFC 4648. Fixes FILEUPLOAD-233. Thanks to Simone Tripodi. sebb
Fix "Stream ended unexpectedly" when posting from a Flash client. Fixes FILEUPLOAD-143. Thanks to Luke Scott. jochen
Fix Manifest for OSGi has invalid syntax. Fixes FILEUPLOAD-173. Thanks to Bjorn Harvold. simonetripodi
Fix commons-io dependency does not get loaded by maven if only dependency to commons-fileupload is specified. Fixes FILEUPLOAD-183. Thanks to Roman Arkadijovych Muntyanu. simonetripodi
Fix https://commons.apache.org/fileupload/index.html is out of date. Fixes FILEUPLOAD-185. Thanks to Sebb. simonetripodi
Fix https://commons.apache.org/fileupload/index.html should not mention nightly builds. Fixes FILEUPLOAD-186. Thanks to Sebb. simonetripodi
Fix DiskFileItemFactory use of FileCleaningTracker is documented or coded wrong - proposal submitted by Jan Novotný. Fixes FILEUPLOAD-189. Thanks to Gregor K. simonetripodi
Fix Error reading the file size larger than 2 gb - pull request from Gergely. Fixes FILEUPLOAD-195. Thanks to Juliano Alves. simonetripodi
Fix ServletFileUpload isMultipartContent method does not support HTTP PUT - thanks Roy T. Fielding and Jochen Wiedmann. Fixes FILEUPLOAD-197. Thanks to David Wolverton. simonetripodi
Fix Uploads have unexpected results for files with non-ASCII names - support RFC2047 - thanks Thomas Neidhart. Fixes FILEUPLOAD-199. Thanks to Mark Thomas. simonetripodi
Fix Exceptions resulting from upload size limitations (fileSizeMax, sizeMax) are now correctly propagated to the caller (these could be encountered formerly as MalformedStreamException: "Stream ended unexpectedly"). Fixes FILEUPLOAD-202. Thanks to tina. tn
Fix FileItem.getHeaders() returns always null. Fixes FILEUPLOAD-204. Thanks to Hakju Oh. jochen
Fix The sizeMax parameter within FileUpload is now correctly enforced if no content length header is provided. Fixes FILEUPLOAD-212. Thanks to Damian Kolasa. tn
Fix ServletFileUpload only accepts POST requests. Fixes FILEUPLOAD-214. Thanks to Matthew Runo. simonetripodi
Fix (Servlet|Portlet)RequestContext#contentLength() must return request.getContentLength() if Content-length header is not available. Fixes FILEUPLOAD-228. Thanks to Thomas Neidhart. simonetripodi
Fix toLowerCase() is Locale-dependent; should use toLowerCase(Locale.ENGLISH) instead. Fixes FILEUPLOAD-229. Thanks to seb. simonetripodi
Fix There are no unit tests for the new utils.mime classes. Fixes FILEUPLOAD-229. Thanks to seb. sebb,simonetripodi
Add Documentation: add simple HTML form example to fileupload user guide. Fixes FILEUPLOAD-182. Thanks to Chris Lott. simonetripodi
Add enhance file read/write performance - patch provided by frank. Fixes FILEUPLOAD-207. Thanks to frank. simonetripodi
Add Add Support for Generic Types. Fixes FILEUPLOAD-209. Thanks to Fernando Ribeiro. simonetripodi
Add Process HTTP Requests Into Maps. Fixes FILEUPLOAD-210. Thanks to Fernando Ribeiro. simonetripodi
Update Update commons-io dependency to latest version that supports JDK1.5. Fixes FILEUPLOAD-223. simonetripodi
Update Avoid string concatenations while parsing headers, use buffers instead. Fixes FILEUPLOAD-224. simonetripodi
Update Replace java.rmi.server.UID() with java.util.UUID. Fixes FILEUPLOAD-225. simonetripodi
Update DiskFileItem.counter could be converted to AtomicInteger (or AtomicLong?). Fixes FILEUPLOAD-226. sebb
Update Private immutable fields which could be final. Fixes FILEUPLOAD-227. sebb
Update Update to JDK 1.5 and bump IO dependency to 2.0.1. Fixes FILEUPLOAD-201. simonetripodi
Update version 1.3 improvement tasks. Fixes FILEUPLOAD-215. simonetripodi

Release 1.2.2 – 2010-07-29

Type Changes By
Fix Added a check for file names containing a NULL characters. Such file names are now triggering an InvalidFileNameException since the file name cannot be used as provided to create the file since it will be truncated at the NUL character on most (all?) operating systems. E.g. a file name like "test.foo0.bar" would result in "test.foo" being created. Thanks to Daniel Fabian. jochen
Fix Temporary files have not been deleted, if an error occurred in FileUploadBase.parseRequest();. Fixes FILEUPLOAD-160. Thanks to Stepan Koltsov. jochen
Fix Fixed example in MultipartStream Javadocs. Fixes FILEUPLOAD-158. Thanks to Stepan Koltsov. jochen
Fix Ensured, that the ProgressListener is called for all items. Fixes FILEUPLOAD-157. Thanks to Paul Spurr. jochen
Fix Made the ProgressNotifier public. Fixes FILEUPLOAD-156. jochen
Fix Multiple documentation fixes. Fixes FILEUPLOAD-155. Thanks to Jörg Heinicke. jochen
Fix Fixed the error message for FileSizeLimitExceededException from "too many characters" to "too many bytes". Fixes FILEUPLOAD-152. Thanks to Duzakropka. jochen
Add A FileSizeLimitExceededException does now contain the file and field name of the item, which caused the problem. Fixes FILEUPLOAD-154. jochen
Fix The FileItemHeader stuff hasn't been actually working. Fixes FILEUPLOAD-130. Thanks to Guillaume Cottenceau. jochen

Release 1.2.1 – 2008-01-18

Type Changes By
Fix Upgrade to commons-io-1.4-SNAPSHOT, in order to use the new FileCleaningTracker and fix issues with FileCleaner. jochen
Fix Made the MockHttpServletRequest comply to the servlet 2.4 specification by applying http://www.sourcelabs.com/dashboards/sash-1.2/patches/commons-fileupload-1.1-1/SUP-520.diff. Fixes FILEUPLOAD-129. jochen
Add Added support for accessing the file item headers. Fixes FILEUPLOAD-130. Thanks to Michael Macaluso. jochen
Fix A MalformedStreamException is now thrown, if the size of an items headers exceeds HEADER_PART_SIZE_MAX;. Fixes FILEUPLOAD-116. Thanks to Amichai Rothman. jochen
Fix DiskFileItem.toString() could throw an NPE. Fixes FILEUPLOAD-134. Thanks to Thomas Vandahl. jochen
Fix Short files could cause an unexpected end of the item stream. Fixes FILEUPLOAD-135. Thanks to Alexander Sova. jochen
Fix A FileSizeLimitExceededException was deferred until the complete file has been uploaded. Additionally, the FileSizeLimitException is now thrown immediately, if the attachments headers contain a content-length value, which exceeds the configured limit. Fixes FILEUPLOAD-145. jochen
Fix Fixed a classpath problem when building with Sun JDK 1.3.1 and Ant. Fixes FILEUPLOAD-153. Thanks to Gary Gregory. jochen

Release 1.2 – 2007-02-13

Type Changes By
Fix Made Streams.asString static. Thanks to Aaron Freeman. jochen
Update Eliminated duplicate code. Fixes FILEUPLOAD-109. jochen
Add Added a streaming API. Fixes FILEUPLOAD-112. jochen
Fix Eliminated the necessity of a content-length header. Fixes FILEUPLOAD-93. jochen
Fix Eliminated the limitation of a maximum size for a single header line. (The total size of all headers is already limited, so there's no need for another limit.). Fixes FILEUPLOAD-108. Thanks to Amichai Rothman. jochen
Add Added the ProgressListener, which allows to implement a progress bar. Fixes FILEUPLOAD-87. jochen
Add Added support for header continuation lines. Fixes FILEUPLOAD-111. Thanks to Amichai Rothman. jochen
Add It is now possible to limit the actual file size and not the request size. Fixes FILEUPLOAD-88. Thanks to Andrey Aristarkhov. jochen
Add Added the FileCleanerCleanup as an example for how to close down the FileCleaner's reaper thread nicely. Fixes FILEUPLOAD-120. Thanks to Henry Yandell. jochen
Fix A descriptive NPE is now thrown, if the FileItemFactory has not been set. Fixes FILEUPLOAD-123. jochen

Release 1.1.1 – 2006-06-08

Type Changes By
Fix Cache disk file item size when it is moved to a new location. Fixes FILEUPLOAD-20. martinc
Fix File names were being inadvertently converted to lower case. Fixes FILEUPLOAD-30. martinc

Release 1.1 – 2005-12-24

Type Changes By
Update Updates for FileUpload 1.1-RC1. martinc
Add Added release notes for FileUpload 1.1. martinc
Update Update the User Guide to document the "right" way of using FileUpload 1.1, rather than the older, and thus deprecated, ways that are compatible with FileUpload 1.0. martinc
Add Add this change log, including all changes since the Commons FileUpload 1.0 release. martinc
Update Update Commons IO dependency to version 1.1. martinc
Add Add custom PMD configuration. martinc
Update Make inner exception classes static, which they should have been all along. martinc
Fix Fix Checkstyle warnings. martinc
Fix Remove Javadoc warnings. Fixes FILEUPLOAD-29. Thanks to Rahul Akolkar. martinc
Update Build updates: (1) Include NOTICE.txt in the jar file and distributions. (2) Include xdocs in source distribution. (3) Create MD5 checksums for distributions. martinc
Add Add custom Checkstyle configuration. martinc
Update Update dependencies in POM, and add comments and scope. martinc
Update Standardise on @throws instead of having a mixture of that and @exception. martinc
Fix Make DiskFileItem serializable. Thanks to Niall Pemberton for the suggestion and patch. Fixes FILEUPLOAD-50. Thanks to Niall Pemberton. martinc
Update Make the temporary file names unique across class loaders, not just within them, by including a UID in the file name. martinc
Fix Include the actual and permitted sizes in both the exception message and the exception itself. Fixes FILEUPLOAD-77. martinc
Fix If an explicit header encoding is not specified, use the one from the appropriate context (i.e. ServletRequest or ActionRequest). Fixes FILEUPLOAD-13. martinc
Add Add getCharacterEncoding to the request context. martinc
Fix Null check and case insensitivity fixes. Fixes FILEUPLOAD-83. martinc
Update Web site updates: (1) Add detail pages for Source Repository and Issue Tracking, based on those for IO and Validator. (2) Improvements to FileUpload home page, based on similar recent changes to IO and Validator home pages. (3) The Bugzilla component name has a space in it. Fix the URLs. (4) Add an FAQ page, using the Maven plugin to generate it. martinc
Fix Fixes to POMs. Fixes COMMONSSITE-2. dion
Update Setting source and target for Java 1.3 mrdon
Fix Fix typos in Javadoc code examples. Fixes FILEUPLOAD-37. martinc
Fix Fix typos in exception messages. martinc
Fix Obtain request content type from container instead of headers. Fixes FILEUPLOAD-5. martinc
Update New mock objects from Jetspeed-2, and new FileUpload test cases. sullis
Add added toString() methods sullis
Add Fix up the existing package.html file and add new ones for the newly introduced packages. Fairly minimal, but with a link to the user guide. martinc
Update Substantial refactoring and additions: (1) The core package is now independent of servlet / portlet / other distinctions, as well as persistence schemes, other than deprecated classes and methods retained for backwards compatibility. (2) Servlet specific functionality has been moved to a new 'servlet' package. Existing users should migrate to this as soon as possible, since the servlet specific functionality in the generic package will be removed in the release after FileUpload 1.1. (3) Support for portlets (JSR 168) has been added, in a new 'portlet' package. This is not well tested at this point, and feedback would be very much appreciated. (This also resolves bug #23620.) (4) The disk-based file item implementation has been moved into a 'disk' package, and renamed from Default* to Disk* to reflect what it really is. The Default* classes have been retained in the top level package for backwards compatibility, but are now deprecated, and will be removed in the release after FileUpload 1.1. (5) The isMultipartRequest method is an unfortunate casualty of this refactoring. That method should really be moved to ServletFileUpload, but since the method is static, it can only exist in either FileUploadBase or ServletFileUpload. Backwards compatibility dictates the former for now, but the latter is the desired state, which implies some future breakage. Fair warning... martinc
Fix Specify the encoding (ISO-8859-1) when converting the boundary to a byte array. Fixes FILEUPLOAD-4. martinc
Update Convert to Sun coding guidelines. martinc
Update DeferredFileOutputStream moved to Commons IO. martinc
Fix Workaround for Mac IE5 bug. Thanks to Justin Sampson for the patch and tests for this vexing issue. Fixes FILEUPLOAD-16. Thanks to Justin Sampson. martinc
Fix Handle unquoted header parameters. Fixes FILEUPLOAD-104. martinc
Add Some documentation on interaction with virus scanners. Fixes FILEUPLOAD-78. martinc
Add More unit tests from Justin Sampson. Fixes FILEUPLOAD-31. Thanks to Justin Sampson. martinc
Update Use FileCleaner from Commons IO to clean up temp files, rather than File.deleteOnExit(), which can cause serious problems in long-running processes. Fixes FILEUPLOAD-95. martinc
Fix Check that HTTP method is POST as part of multipart check. Fixes FILEUPLOAD-53. martinc
Add Switch to Commons IO version of DeferredFileOutputStream. Adding IO as a dependency will allow us to take advantage of other classes in that component to fix additional FileUpload bugs. martinc
Add handle quoted boundary specification. Fixes FILEUPLOAD-40. martinc
Add use case-independent comparisons for encoding types. Fixes FILEUPLOAD-18. martinc
Fix Fix comments to avoid break iterator complaints. martinc
Fix Fix typos in comments. Thanks to Yuji Yamano. martinc
Add Add support for character sets specified for individual parts. Fixes FILEUPLOAD-101. Thanks to Oleg Kalnichevski. martinc
Update Change to Apache License 2.0 scolebourne
Fix Correct the comment for the no-args constructor to reflect the fact that a factory needs to be set before parsing uploads. Fixes FILEUPLOAD-22. martinc
Update Collapse some all but duplicated code. martinc
Fix Fix example showing FileItem.write to use a File object. Fixes FILEUPLOAD-72. jmcnally
Fix Check for null before attempting to close streams in write(). Fixes FILEUPLOAD-21. Thanks to Peter Chase. martinc
Fix Correction to sample code in the docs. Fixes FILEUPLOAD-67. Thanks to Paul Dalton. martinc

Release 1.0 – 2003-06-26

No changes in this release.