CsrfViewMiddleware makes modification of the upload handlers impossible
|Reported by:||dc||Owned by:||Luke Plant|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
CsrfViewMiddleware accesses request.POST and makes modification of the upload handlers on a per-request basis impossible.
Currently it's impossible to simultaneously use per-request upload handlers and csrf protection. At least this must be documented.
Steps to reproduce
Put attached upload_test.py in PYTHONPATH.
Start new default django project:
$ django-admin.py startproject project
urlpatterns = patterns('', (r'^upload/$', 'upload_test.upload_file'), )
Open browser at /upload/ and submit form.
AttributeError at /upload/
You cannot alter upload handlers after the upload has been processed.
Normal form handling in upload_file() view.
Change History (5)
comment:1 Changed 6 years ago by
|Owner:||changed from nobody to Luke Plant|
|Patch needs improvement:||unset|
|Status:||new → assigned|