Ticket #14035: raising_exception.2.diff

File raising_exception.2.diff, 3.2 KB (added by Piotr Czachur, 11 years ago)

Raise exception when try to re-parse multipart/form-data

  • django/http/request.py 

    diff --git a/django/http/request.py b/django/http/request.py
index 6bce1f7..1d10042 100644
    a b class HttpRequest(object):  
    224224            return
    225225        if self._read_started and not hasattr(self, '_body'):
    226226            self._mark_post_parse_error()
    227             return
     227            raise RawPostDataException("You cannot parse POST after reading from request's data stream")
    228228
    229229        if self.META.get('CONTENT_TYPE', '').startswith('multipart/form-data'):
    230230            if hasattr(self, '_body'):

  • docs/ref/request-response.txt 

    diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index 3cff5c2..14435a1 100644
    a b All attributes should be considered read-only, unless stated otherwise below.  
    8787    from ``GET`` or ``POST``) will use the new ``encoding`` value.  Useful if
    8888    you know the form data is not in the :setting:`DEFAULT_CHARSET` encoding.
    8989
     90    In case of "multipart/form-data" request, raw body is consumend and discarded on
     91    first access to ```POST``` or ```FILES```, so  you cannot use HttpRequest.encoding
     92    to modify request anymore.  In case you do, exception will be thrown on
     93    any subsequent access to ```POST``` or ```FILES```.
     94
    9095.. attribute:: HttpRequest.GET
    9196
    9297    A dictionary-like object containing all given HTTP GET parameters. See the

  • tests/requests/tests.py 

    diff --git a/tests/requests/tests.py b/tests/requests/tests.py
index 175554e..068b0a9 100644
    a b class RequestsTests(SimpleTestCase):  
    280280                               'wsgi.input': payload})
    281281        self.assertEqual(request.read(2), b'na')
    282282        self.assertRaises(RawPostDataException, lambda: request.body)
    283         self.assertEqual(request.POST, {})
     283        self.assertRaises(RawPostDataException, lambda: request.POST)
    284284
    285285    def test_non_ascii_POST(self):
    286286        payload = FakePayload(urlencode({'key': 'España'}))
    class RequestsTests(SimpleTestCase):  
    326326        self.assertEqual(request.POST, {'name': ['value']})
    327327        self.assertRaises(RawPostDataException, lambda: request.body)
    328328
     329    def test_accessing_POST_after_POST_multipart_form_data_and_changing_encoding(self):
     330        """
     331        Reading POST after parsing multipart/form-data and changing encoding is not allowed due to performance reasons.
     332        """
     333        payload = FakePayload("\r\n".join([
     334            '--boundary',
     335            'Content-Disposition: form-data; name="name"',
     336            '',
     337            'value',
     338            '--boundary--'
     339            '']))
     340        request = WSGIRequest({'REQUEST_METHOD': 'POST',
     341                               'CONTENT_TYPE': 'multipart/form-data; boundary=boundary',
     342                               'CONTENT_LENGTH': len(payload),
     343                               'wsgi.input': payload})
     344        self.assertEqual(request.POST, {'name': ['value']})
     345        request.encoding = 'latin2'
     346        self.assertRaises(RawPostDataException, lambda: request.POST)
     347
    329348    def test_body_after_POST_multipart_related(self):
    330349        """
    331350        Reading body after parsing multipart that isn't form-data is allowed
Back to Top