Do not read from request body unless we have to#35
Open
pilt wants to merge 1 commit intohiidef:developfrom
Open
Do not read from request body unless we have to#35pilt wants to merge 1 commit intohiidef:developfrom
pilt wants to merge 1 commit intohiidef:developfrom
Conversation
HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.
With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.
In django.http.HttpRequest:
def read(self, *args, **kwargs):
self._read_started = True
return self._stream.read(*args, **kwargs)
@Property
def body(self):
if not hasattr(self, '_body'):
if self._read_started:
raise Exception("You cannot access body after reading from request's data stream")
try:
self._body = self.read()
except IOError, e:
raise UnreadablePostError, e, sys.exc_traceback
self._stream = StringIO(self._body)
return self._body
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.
With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.
In django.http.HttpRequest: