id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
5611	HTTPRequest should check content-type before parsing post body	Paul Egan	Claude Paroz <claude@…>	"The modpython handler currently tries to parse the request body as `application/x-www-form-urlencoded` regardless of the actual content type.  This leads to an exception being thrown if the content is not parseable.  See attached patch for suggested strict checking of request content-type.

=== Example ===
{{{
echo -e '\0' | curl -v --data-binary @- http://localhost/
}}}

Throws:
{{{
Traceback (most recent call last):

  File ""/usr/lib64/python2.5/site-packages/mod_python/importer.py"", line 1537, in HandlerDispatch
    default=default_handler, arg=req, silent=hlist.silent)

  File ""/usr/lib64/python2.5/site-packages/mod_python/importer.py"", line 1229, in _process_target
    result = _execute_target(config, req, object, arg)

  File ""/usr/lib64/python2.5/site-packages/mod_python/importer.py"", line 1128, in _execute_target
    result = object(arg)

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/modpython.py"", line 181, in handler
    return ModPythonHandler()(req)

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/modpython.py"", line 154, in __call__
    response = self.get_response(request)

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/base.py"", line 53, in get_response
    response = self._real_get_response(request)

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/base.py"", line 63, in _real_get_response
    response = middleware_method(request)

  File ""/home/paul/work/site/trunk/bydesign/middleware/hotshot_profiler.py"", line 13, in process_request
    if settings.DEBUG and request.has_key('prof'):

  File ""/usr/lib/python2.5/site-packages/django/http/__init__.py"", line 43, in has_key
    return key in self.GET or key in self.POST

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/modpython.py"", line 73, in _get_post
    self._load_post_and_files()

  File ""/usr/lib/python2.5/site-packages/django/core/handlers/modpython.py"", line 56, in _load_post_and_files
    self._post, self._files = http.QueryDict(self.raw_post_data, encoding=self._encoding), datastructures.MultiValueDict()

  File ""/usr/lib/python2.5/site-packages/django/http/__init__.py"", line 148, in __init__
    for key, value in parse_qsl((query_string or ''), True): # keep_blank_values=True

TypeError: argument 1 must be string without null bytes, not str
}}}"	Cleanup/optimization	closed	HTTP handling	dev	Normal	fixed		jesse.lovelace@… slacy@…	Ready for checkin	1	0	0	0	0	0