id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
14182	CsrfViewMiddleware makes modification of the upload handlers impossible	dc	Luke Plant	"CsrfViewMiddleware accesses request.POST and makes modification of the upload handlers on a per-request basis impossible.

Currently it's impossible to simultaneously use per-request upload handlers and csrf protection. At least this must be documented.

See also: http://docs.djangoproject.com/en/1.2/topics/http/file-uploads/#modifying-upload-handlers-on-the-fly

'''Steps to reproduce'''

Put attached upload_test.py in PYTHONPATH.

Start new default django project:
{{{
$ django-admin.py startproject project
}}}

Modify project/urls.py:
{{{
urlpatterns = patterns('',
    (r'^upload/$', 'upload_test.upload_file'),
)
}}}

Open browser at /upload/ and submit form.

'''Actual Results'''

AttributeError at /upload/

You cannot alter upload handlers after the upload has been processed.

'''Expected Results'''

Normal form handling in upload_file() view."		closed	File uploads/storage	1.2		fixed	csrf upload_handlers		Unreviewed	0	0	0	0	0	0