This SO answer nails it. NB: I had to tweak some scripts — a running example is available in my playground/http/multipart-post directory.

TLDR: browsers will generate an HTTP POST request with a Content-Type: multipart/form-data header when displaying an HTML form with an enctype='multipart/formdata' attribute.