#33350: some view decorators do not work with Django REST framework in Django
4.0
--------------------------------+------------------------------------------
Reporter: Terence Honles | Owner: Terence Honles
Type: Bug | Status: new
Component: HTTP handling | Version: 4.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
--------------------------------+------------------------------------------
Comment (by Carlton Gibson):
I think this is going to cause trouble for a lot of folks.
The `sensitive_post_parameters` has been as it is for many years, but the
[https://www.django-rest-framework.org/api-guide/caching/#using-cache-
with-apiview-and-viewsets caching usage is standard DRF]. (Again that's
been there a long time.)
The check in 3fd82a62415e748002435e7bad06b5017507777c seems overly tight.
What methods are being called?
Surely any Request-a-like exposing those is OK?
I don't think we can just change `Request` to claim to be a `HttpRequest`.
[https://github.com/encode/django-rest-
framework/blob/master/rest_framework/request.py#L154-L158 DRF has an
`isinstance()` check for this very thing].
Introduced in https://github.com/encode/django-rest-framework/pull/5618
See also:
- https://github.com/encode/django-rest-framework/issues/5446
- https://github.com/encode/django-rest-framework/issues/3848
(and others)
--
Ticket URL: <https://code.djangoproject.com/ticket/33350#comment:7>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/071.fbd6d54787f76aa83cebbc281f20d2ef%40djangoproject.com.
