Opened 19 years ago
Closed 19 years ago
#277 closed defect (wontfix)
CommonMiddleware URL rewriting discards POST data
Reported by: | Owned by: | Adrian Holovaty | |
---|---|---|---|
Component: | Core (Other) | Version: | |
Severity: | normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
The CommonMiddleware URL rewriting discards any POST data when it is triggered.
This code in django/middleware/common.py needs to be fixed to pass along any possible POST data with the redirect.
if new_url != old_url: # Redirect newurl = "%s://%s%s" % (os.environ.get('HTTPS') == 'on' and 'https' or 'http', new_url[0], new_url[1]) if request.GET: newurl += '?' + urlencode(request.GET) return httpwrappers.HttpResponseRedirect(newurl)
But I don't know how to fix it :(
Change History (5)
comment:1 by , 19 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
comment:2 by , 19 years ago
Resolution: | wontfix |
---|---|
Status: | closed → reopened |
I would suggest raising an exception or redirecting to 404 when this code gets called with POST data. I had a form submit that was triggering the url rewriting and it was painful tracking down exactly why my view code was receiving a GET instead of a POST. My url matching scheme allowed leaving off the trailing slash (I think "/test/update" looks nicer than "/test/update/"), so from the django code point of view, it was still a valid url submission. If the url rewriting middleware wasn't present, the POST would have been successful. Maybe settings.APPEND_SLASH should be disabled by default (at least for POSTs)? I doubt I'll be the only user who runs into this...
Or is "/test/update" just a completely invalid URL and I should have known this?
Also, doesn't apache's mod_rewrite have a way to do redirects that preserves POST data?
comment:4 by , 19 years ago
milestone: | Version 1.0 |
---|
comment:5 by , 19 years ago
Resolution: | → wontfix |
---|---|
Status: | reopened → closed |
The answer is: "Don't POST to a redirect."
This isn't a Django problem; it's a problem with HTTP itself -- there's no way to pass POST data long with a redirect. Te solution is simply to make sure your forms submit to valid URLs.