id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
9140	bug in django.http.multipartparser.MultiPartParser after HttpResponseRedirect of a form post with files	Nowell Strite	nobody	"There is a bug in django.http.multipartparser.MultiPartParser where by if you redirect after a multipart/form-data post. This bug is avoidable if request.POST is not accessed outside of a ""if request.method == 'POST':"" conditional, but I feel that it is a bug none the less.

{{{
====== View that will recreate bug =======
import from django.http import HttpResponseRedirect, HttpResponse
def test(request):
    # this is obviously not a best practice, we should nest this 
    # under a ""if request.method == 'POST':"" conditional. But some middleware 
    # out of our control might access request.POST in an unsafe fashion
    request.POST.keys()
    if request.method == 'POST':
        return HttpResponseRedirect('/')
    return HttpResponse(""<form enctype='multipart/form-data' action='/' method='post'><input type='submit' /></form>"")

===================
}}}

The solutions are to either:
  a) expect that nothing will ever attempt to access request.POST or request.FILES outside of a request.method == 'POST' conditional
  b) Accept 0 length CONTENT_LENGTH submissions as perfectly valid (attached patch)"		new	HTTP handling	1.0					Unreviewed	1	0	0	0	0	0