#30015: HTTP server doesn't clear previous request data in keep-alive
connection.
-------------------------------------+-------------------------------------
Reporter: kalekseev | Owner: nobody
Type: | Status: new
Uncategorized |
Component: Core | Version: 2.1
(Other) |
Severity: Normal | Keywords: keep-alive, server
Triage Stage: | Has patch: 1
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
Django 2.1.4 affected.
Commit that enabled keep-alive connections
https://github.com/django/django/commit/934acf1126995f6e6ccba5947ec8f7561633c27f
Bug: if you make two requests in one keep-alive connection and first
request posted data that wasn't read in the view
then on second request that data will be read alongside with first line of
the new request.
As a result request.method will contain "..data from previous
request...POST"
Pull request with test and possible fix
https://github.com/django/django/pull/10732
--
Ticket URL: <https://code.djangoproject.com/ticket/30015>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/052.251d37f803e695ec03668b4aa789a82d%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
