request.data == None

[Lorenzo Peña]

Hola people!

Is there any valid circumstance in which request.data can return None for any request? Checking for whether request.data is None before accessing doesn't seem to be the common practice from the docs. I, however, got an error of this kind as a result of a pentesting. I'm tyring to determine whether I should check if it's None before accessing, or putting a security check in a middleware to specifically raise a concern based on this event happening.

Thanks!

[Lorenzo Peña]

To answer my own question: yes, request.data can be None if the parser would correctly parse the incoming body into None, for instance, if the body consists of `null` and goes through a JSON parser.