id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
30737	Incorrectly encoded headers can yield uncaught UnicodeDecodeError	Mark Gordon	nobody	"Sending a post with a Content-Type header that contains non-ascii characters will cause a UnicodeDecodeError to be raised and uncaught resulting in a 500 error rather than handling the issue and giving a 400 as would be appropriate.

Make such an erronous request with something like:

{{{
curl -d '' -H 'Content-Type: application/€' http://django-server/
}}}

Raises the below exception/stack trace

{{{

UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 12: ordinal not in range(128)
(15 additional frame(s) were not displayed)
...
  File ""rest_framework/request.py"", line 427, in POST
    self._load_data_and_files()
  File ""rest_framework/request.py"", line 275, in _load_data_and_files
    self._data, self._files = self._parse()
  File ""rest_framework/request.py"", line 337, in _parse
    if media_type and is_form_media_type(media_type):
  File ""rest_framework/request.py"", line 32, in is_form_media_type
    base_media_type, params = parse_header(media_type.encode(HTTP_HEADER_ENCODING))
  File ""django/http/multipartparser.py"", line 652, in parse_header
    key = plist.pop(0).lower().decode('ascii')
}}}
"	Bug	closed	HTTP handling	dev	Normal	invalid			Unreviewed	0	0	0	0	0	0