MultipartEntityBuilder to include a random UUID in the boundary value by default

Author: ok2c

httpclient5/src/main/java/org/apache/hc/client5/http/entity/mime/MultipartEntityBuilder.java

@@ -29,13 +29,12 @@
 
 import java.io.File;
 import java.io.InputStream;
-import java.nio.CharBuffer;
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
-import java.util.concurrent.ThreadLocalRandom;
+import java.util.UUID;
 
 import org.apache.hc.core5.http.ContentType;
 import org.apache.hc.core5.http.HttpEntity;
@@ -46,22 +45,16 @@
 /**
  * Builder for multipart {@link HttpEntity}s.
  * <p>
- * IMPORTANT: it is responsibility of the caller to validate / sanitize content of body
- * parts, for instance, to ensure they do not contain the boundary value that can prevent
- * the consumer of the entity from correctly parsing / processing the body parts.
+*  IMPORTANT: it is responsibility of the caller to validate / sanitize content of body
+*  parts. For instance, when using an explicit boundary, it's the caller's responsibility to
+*  ensure the body parts do not contain the boundary value, which can prevent the consumer of
+*  the entity from correctly parsing / processing the body parts.
  * </p>
  *
  * @since 5.0
  */
     public class MultipartEntityBuilder {
 
-    /**
-     * The pool of ASCII chars to be used for generating a multipart boundary.
-     */
-    private final static char[] MULTIPART_CHARS =
-            "-_1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                    .toCharArray();
-
     private ContentType contentType;
     private HttpMultipartMode mode = HttpMultipartMode.STRICT;
     private String boundary;
@@ -237,14 +230,7 @@ public MultipartEntityBuilder addEpilogue(final String epilogue) {
     }
 
     private String generateBoundary() {
-        final ThreadLocalRandom rand = ThreadLocalRandom.current();
-        final int count = rand.nextInt(30, 41); // a random size from 30 to 40
-        final CharBuffer buffer = CharBuffer.allocate(count);
-        while (buffer.hasRemaining()) {
-            buffer.put(MULTIPART_CHARS[rand.nextInt(MULTIPART_CHARS.length)]);
-        }
-        buffer.flip();
-        return buffer.toString();
+        return "httpclient_boundary_" + UUID.randomUUID();
     }
 
     MultipartFormEntity buildEntity() {

httpclient5/src/test/java/org/apache/hc/client5/http/entity/mime/TestMultipartFormHttpEntity.java

@@ -79,7 +79,6 @@ void testImplicitContractorParams() {
         Assertions.assertNotNull(boundary);
 
         Assertions.assertTrue(boundary.length() >= 30);
-        Assertions.assertTrue(boundary.length() <= 40);
 
         final NameValuePair p2 = elem.getParameterByName("charset");
         Assertions.assertNull(p2);