#34695 closed Bug (worksforme)
security.E101 false positive with class-based views
Reported by: | Anthony Sottile | Owned by: | nobody |
---|---|---|---|
Component: | Core (System checks) | Version: | 4.2 |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
minimal example
class MyView(View): def dispatch(self, request, reason=''): ... view = MyView.as_view()
though this appears to work at runtime (at least in unsupported django 2.2 which is what I'm trying to upgrade from), the framework gives an error:
ERRORS: ?: (security.E101) The CSRF failure view 'myview.view' does not take the correct number of arguments.
the reason stems from the use of inspect.signature
on the view:
>>> sig = inspect.signature(view) >>> sig <Signature (self, request, reason='')> >>> sig.bind(None, reason=None) Traceback (most recent call last): File "/Users/asottile/.pyenv/versions/3.8.16/lib/python3.8/code.py", line 90, in runcode exec(code, self.locals) File "<console>", line 1, in <module> File "/Users/asottile/.pyenv/versions/3.8.16/lib/python3.8/inspect.py", line 3037, in bind return self._bind(args, kwargs) File "/Users/asottile/.pyenv/versions/3.8.16/lib/python3.8/inspect.py", line 2952, in _bind raise TypeError(msg) from None TypeError: missing a required argument: 'request'
Change History (5)
comment:1 by , 17 months ago
Component: | Uncategorized → Core (System checks) |
---|---|
Type: | Uncategorized → Bug |
comment:3 by , 17 months ago
Resolution: | → worksforme |
---|---|
Status: | new → closed |
Also, it works for me with Django 4.2 and on the current main
branch. I've checked with Python 3.8 and 3.10.
Note:
See TracTickets
for help on using tickets.
As far as I'm aware,
CSRF_FAILURE_VIEW
doesn't support class-based views, at least officially, check out docs:"A dotted path to the view function to be used when an incoming request is rejected by the CSRF protection. The function should have this signature:"