#14182: CsrfViewMiddleware makes modification of the upload handlers impossible ----------------------------------+----------------------------------------- Reporter: dc | Owner: nobody Status: new | Milestone: Component: File uploads/storage | Version: 1.2 Keywords: csrf upload_handlers | Stage: Unreviewed Has_patch: 0 | ----------------------------------+----------------------------------------- CsrfViewMiddleware accesses request.POST and makes modification of the upload handlers on a per-request basis impossible.
Currently it's impossible to simultaneously use per-request upload handlers and csrf protection. At least this must be documented. See also: http://docs.djangoproject.com/en/1.2/topics/http/file-uploads /#modifying-upload-handlers-on-the-fly '''Steps to reproduce''' Put attached upload_test.py in PYTHONPATH. Start new default django project: {{{ $ django-admin.py startproject project }}} Modify project/urls.py: {{{ urlpatterns = patterns('', (r'^upload/$', 'upload_test.upload_file'), ) }}} Open browser at /upload/ and submit form. '''Actual Results''' AttributeError at /upload/ You cannot alter upload handlers after the upload has been processed. '''Expected Results''' Normal form handling in upload_file() view. -- Ticket URL: <http://code.djangoproject.com/ticket/14182> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.
