Opened 10 years ago

Closed 10 years ago

#2185 closed defect (fixed)

require_http_methods "raise"s HttpResponseForbidden

Reported by: Maniac@… Owned by: Malcolm Tredinnick
Component: Core (Other) Version:
Severity: normal Keywords:
Cc: Maniac@… Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

django.views.decorators.http.require_http_methods in case of invalid method "raise"s an instance of HttpResponseForbidden which is not an Exception. Now it ends up in a form of 500 error.

I think we need an exceptions similar to Http404 for this case. Not sure if it should be called Http403 or HttpForbidden...

Change History (6)

comment:1 Changed 10 years ago by anonymous

Cc: Maniac@… added

comment:2 Changed 10 years ago by Malcolm Tredinnick

This will be fixed by #1646 (which is on my list to commit shortly).

comment:3 Changed 10 years ago by Malcolm Tredinnick

Owner: changed from Adrian Holovaty to Malcolm Tredinnick

comment:4 Changed 10 years ago by anonymous

BTW if the decorator would just return HttpResponseNotAlowed with some default message this won't be localizable (nor pretty). I'm starting to think that all "negative" HTTP answers should be treated like 404 and 500 now, allowing for custom template and view.

comment:5 Changed 10 years ago by Malcolm Tredinnick

The 405 error typically does not have a body, just a list of HTTP methods that *are* acceptable in a subsequent retry. So this doesn't have any internationalization impact.

comment:6 Changed 10 years ago by Adrian Holovaty

Resolution: fixed
Status: newclosed

(In [3163]) Fixed #2185 -- Changed django.views.decorators.http.require_http_methods decorator to use HttpResponseNotAllowed instead of HttpResponseForbidden

Note: See TracTickets for help on using tickets.
Back to Top