Opened 68 minutes ago
Last modified 4 minutes ago
#37079 assigned Bug
RemoteUserMiddleware assumes all ASGI requests will be handled by its async path
| Reported by: | Jacob Walls | Owned by: | Jacob Walls |
|---|---|---|---|
| Component: | contrib.auth | Version: | 5.2 |
| Severity: | Normal | Keywords: | |
| Cc: | Mykhailo Havelia, Sarah Boyce, Jon Janzen | Triage Stage: | Unreviewed |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
As pointed out in a review, RemoteUserMiddleware doesn't account for the case where an ASGI request passes through (sync) process_request() due to subsequent sync-only middleware in the stack. This could cause the wrong header to be looked up.
Change History (2)
comment:1 by , 61 minutes ago
comment:2 by , 4 minutes ago
| Summary: | RemoteUserMiddleware assumes all ASGI requests will be handled by its sync path → RemoteUserMiddleware assumes all ASGI requests will be handled by its async path |
|---|
Note:
See TracTickets
for help on using tickets.
PR