You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have noticed that this middleware is randomly logging empty bodies for certain requests in our PROD environment. After doing some research and code reviews, I believe that there is a potential problem with the following members of the LoggingMiddleware class:
These two member can get mutated on a per call basis, however in a multi-threaded environment, they could be overwritten by a different thread before they are used for the current invocation.
The reason for this statement are the following sources:
I also did some testing on our code, and I have noticed that the middleware is sort of a 'singleton' that gets constructed only once per process and reused for all threads, which would explain the random empty bodies in our logs as the cached_request_body reference could be overwritten by a different thread.
I would be happy to craft and propose a solution and create a PR for it, but I have not seen much activity on this project so I want to check if it is still being maintained.
Let me know and I will propose a PR.
Thank you.
The text was updated successfully, but these errors were encountered:
We have noticed that this middleware is randomly logging empty bodies for certain requests in our PROD environment. After doing some research and code reviews, I believe that there is a potential problem with the following members of the LoggingMiddleware class:
These two member can get mutated on a per call basis, however in a multi-threaded environment, they could be overwritten by a different thread before they are used for the current invocation.
The reason for this statement are the following sources:
https://blog.roseman.org.uk/2010/02/01/middleware-post-processing-django-gotcha/
https://stackguides.com/questions/10763641/is-this-django-middleware-thread-safe
https://stackoverflow.com/questions/6214509/is-django-middleware-thread-safe
I also did some testing on our code, and I have noticed that the middleware is sort of a 'singleton' that gets constructed only once per process and reused for all threads, which would explain the random empty bodies in our logs as the cached_request_body reference could be overwritten by a different thread.
I would be happy to craft and propose a solution and create a PR for it, but I have not seen much activity on this project so I want to check if it is still being maintained.
Let me know and I will propose a PR.
Thank you.
The text was updated successfully, but these errors were encountered: