#30113: Ignoring body with application/json payload causes HTTP 400
----------------------------------+--------------------------------------
     Reporter:  ymollard          |                    Owner:  nobody
         Type:  Bug               |                   Status:  new
    Component:  HTTP handling     |                  Version:  2.1
     Severity:  Normal            |               Resolution:
     Keywords:  post, body, json  |             Triage Stage:  Unreviewed
    Has patch:  0                 |      Needs documentation:  0
  Needs tests:  0                 |  Patch needs improvement:  0
Easy pickings:  0                 |                    UI/UX:  0
----------------------------------+--------------------------------------
Description changed by ymollard:

Old description:

> 1. Create an example view with Django 2.1.4 that does not consume the
> request's body:
> {{{
> @csrf_exempt
> def myview(request):
>     #print(request.body.decode("utf8"))
>     return HttpResponse()
> }}}
>
> 2. Now send a a first POST with **application/json** content type, e.g.
> with axios:
> {{{
> axios.post("/myview", {"some": "data"})
> }}}
>
> 3. Send new identical POST requests, and observe that they cause  HTTP
> 400 errors:
> {{{
> [17/Jan/2019 22:27:47] "POST /myview HTTP/1.1" 200 0
> [17/Jan/2019 22:27:48] "{"some":"data"}POST /myview HTTP/1.1" 200 0
> [17/Jan/2019 22:29:44] code 400, message Bad request syntax
> ('{"some":"data"}')
> [17/Jan/2019 22:29:44] "{"some":"data"}" 400 -
> }}}
> The JSON payload of the first request is still buffered somewhere and
> mess up later requests.
>
> 4. Now comment out the print function is the view, and see that consuming
> the payload has fixed the issue

New description:

 1. Create an example view with Django 2.1.4 that does not consume the
 request's body:
 {{{
 @csrf_exempt
 def myview(request):
     #print(request.body.decode("utf8"))
     return HttpResponse()
 }}}

 2. Now send a a first POST with **application/json** content type, e.g.
 with axios:
 {{{
 axios.post("/myview", {"some": "data"})
 }}}

 3. Send new identical POST requests, and observe that they cause  HTTP 400
 errors:
 {{{
 [17/Jan/2019 22:27:47] "POST /myview HTTP/1.1" 200 0
 [17/Jan/2019 22:27:48] "{"some":"data"}POST /myview HTTP/1.1" 200 0
 [17/Jan/2019 22:29:44] code 400, message Bad request syntax
 ('{"some":"data"}')
 [17/Jan/2019 22:29:44] "{"some":"data"}" 400 -
 }}}
 The JSON payload of the first request is still buffered somewhere and mess
 up later requests.

 4. Now comment out the print function in the view, and see that consuming
 the payload has fixed the issue

--

-- 
Ticket URL: <https://code.djangoproject.com/ticket/30113#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/066.5fbed98312d13f0e9ecb9419e207785a%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to