Response middleware can leak db connection
|Reported by:||Owned by:||Adrian Holovaty|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Both modpython.py and wsgi.py do this:
try: request = ModPythonRequest(req) response = self.get_response(req.uri, request) finally: db.db.close() # Apply response middleware for middleware_method in self._response_middleware: response = middleware_method(request, response)
... meaning that if any response middleware uses db connection it will not be closed. The most common middleware doing it is Session.
The right thing to do would be stick the middleware part up under try block.
However even more right thing (I think) would be to refactor both request and response middleware application along with finally: part into BaseHandler._get_response to avoid maintaining identical code in modpython.py and wsgi.py.