Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not read from request body unless we have to #35

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Do not read from request body unless we have to #35

wants to merge 1 commit into from

Conversation

pilt
Copy link

@pilt pilt commented Sep 21, 2012

HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.

With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.

In django.http.HttpRequest:

def read(self, *args, **kwargs):
    self._read_started = True
    return self._stream.read(*args, **kwargs)

@property
def body(self):
    if not hasattr(self, '_body'):
        if self._read_started:
            raise Exception("You cannot access body after reading from request's data stream")
        try:
            self._body = self.read()
        except IOError, e:
            raise UnreadablePostError, e, sys.exc_traceback
        self._stream = StringIO(self._body)
    return self._body

@pilt
Do not read from request body unless we have to
546c1a6 
HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.

With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.

In django.http.HttpRequest:

    def read(self, *args, **kwargs):
        self._read_started = True
        return self._stream.read(*args, **kwargs)

    @Property
    def body(self):
        if not hasattr(self, '_body'):
            if self._read_started:
                raise Exception("You cannot access body after reading from request's data stream")
            try:
                self._body = self.read()
            except IOError, e:
                raise UnreadablePostError, e, sys.exc_traceback
            self._stream = StringIO(self._body)
        return self._body
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@pilt