ToolbarMiddleware prevents views from adding custom upload handlers. #897

Closed
tomchristie opened this Issue Jul 7, 2011 · 0 comments

Projects

None yet

3 participants

@tomchristie

The ToolbarMiddle accesses request.POST, which causes the request data and/or files to be parsed, and prevents any views in the CMS from being able to modify the upload handlers for the request as the request body has already been parsed, and and request._files has already been populated.

Middleware that accesses request.POST should generally be considered a bug - Eg see Jacob K-M's comment on this ticket: https://code.djangoproject.com/ticket/613

I'm not quite sure of the right way to fix this. It's probably fine for the middleware to access .POST if either:

  1. If we can be sure at the point that it's been accessed that no view behind the middleware is going to need to use custom upload handlers (or custom parsing of the request body).
  2. There's a mechanism for allowing the view to override or defer the usual behavior (eg as the csrfmiddleware does)
@ojii ojii pushed a commit to ojii/django-cms that referenced this issue Aug 4, 2011
Jonas Obrist Fixed #897 by only accessing request.POST in the middleware when we'r…
…e pretty sure the POST is for the toolbar (login)
932f7ec
@ojii ojii pushed a commit that closed this issue Aug 4, 2011
Jonas Obrist Fixed #897 by only accessing request.POST in the middleware when we'r…
…e pretty sure the POST is for the toolbar (login)
932f7ec
@ojii ojii closed this in 932f7ec Aug 4, 2011
@chrisglass chrisglass closed this in 759ddbf Aug 4, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment