Skip to content

Do not read from request body unless we have to #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pilt wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Do not read from request body unless we have to #35

pilt wants to merge 1 commit into from

Conversation

@pilt
Copy link

@pilt pilt commented Sep 21, 2012

HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.

With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.

In django.http.HttpRequest:

def read(self, *args, **kwargs):
    self._read_started = True
    return self._stream.read(*args, **kwargs)

@property
def body(self):
    if not hasattr(self, '_body'):
        if self._read_started:
            raise Exception("You cannot access body after reading from request's data stream")
        try:
            self._body = self.read()
        except IOError, e:
            raise UnreadablePostError, e, sys.exc_traceback
        self._stream = StringIO(self._body)
    return self._body

@pilt
Do not read from request body unless we have to
546c1a6 
HttpRequest's read() method is called when we do
self.request.REQUEST.get('bearer_token'). This makes it impossible to
access the request body at a later point.

With this change we avoid trying to read a bearer token from the
request body if the Authorization header is set.

In django.http.HttpRequest:

    def read(self, *args, **kwargs):
        self._read_started = True
        return self._stream.read(*args, **kwargs)

    @Property
    def body(self):
        if not hasattr(self, '_body'):
            if self._read_started:
                raise Exception("You cannot access body after reading from request's data stream")
            try:
                self._body = self.read()
            except IOError, e:
                raise UnreadablePostError, e, sys.exc_traceback
            self._stream = StringIO(self._body)
        return self._body
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pilt