Can not read request.body from a POST request
4,036 views
Skip to first unread message
Mihai Corciu
Apr 20, 2016, 4:29:09 PM4/20/16
to Django users
Is there a method to access request.body from a POST request in Django, without disabling 'django.middleware.csrf.CsrfViewMiddleware' ?
CsrfViewMiddleware is causing:
Exception Type: RawPostDataException
Exception Value: You cannot access body after reading from request's data stream
which means request.body is impossible to acces without disabling CsrfViewMiddleware.
CsrfViewMiddleware is causing:
Exception Type: RawPostDataException
Exception Value: You cannot access body after reading from request's data stream
which means request.body is impossible to acces without disabling CsrfViewMiddleware.
Vijay Khemlani
Apr 20, 2016, 4:45:03 PM4/20/16
to django...@googlegroups.com
Why would you want to access request.body directly? You should use request.POST, request.GET, request.FILES.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/9e35deeb-5586-46ec-8d54-648acdafbb8d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Gergely Polonkai
Apr 21, 2016, 1:14:40 AM4/21/16
to Django users
Vijay: They are not the same thing. request.POST, .GET and .FILES are exactly that, POST and GET data and the optional uploaded files. However, in e.g. a RESTful environment it is possible to have something else in the request body.
Mihai, what else do you do with the request before trying to read its body?
Best,
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALn3ei0%3DUx0euOS7XZ9Wb6cw9yMvKeqGwQO0cu37Y60broG%2Bvw%40mail.gmail.com.
Vijay Khemlani
Apr 21, 2016, 8:18:28 AM4/21/16
to django...@googlegroups.com
What could be in the body that's not in the supplied Django fields?
I have implemented RESTful APIs as you say (no idea why that matters as they are just HTTP requests) and never had the need to read the actual body..
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CACczBULiJRUvHWiY0fXjs0eMbdsEW5r7-vWbzWZWGwaxMt5mjA%40mail.gmail.com.
Gergely Polonkai
Apr 21, 2016, 9:16:07 AM4/21/16
to Django users
A JSON/XML payload, for example. If you use plain Django (on DRF and other extensions), then request.body is the only way to access said payload.
Best,
Gergely
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CALn3ei3e3sJW1RvvNpOm%3Dd36GzxvMDOie0AhobhWP-%2BeJzngdw%40mail.gmail.com.
Daniel Roseman
Apr 23, 2016, 10:00:45 AM4/23/16
to Django users
This should not be happening. CsrfViewMiddleware is enabled by default and does not interfere with reading request.body. Please post the full traceback.
--
Daniel.
Vijay Khemlani
Apr 23, 2016, 11:58:56 AM4/23/16
to django...@googlegroups.com
Yeah, I was wrong, I actually use request.body in my code without problem with the default middlewares enabled.
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/46923ca1-1752-474e-a607-708dfd7a44d3%40googlegroups.com.
Mihai Corciu
Apr 23, 2016, 5:19:08 PM4/23/16
to Django users
First, I wanted to process multiple file upload because I could not read all files but just one. I resolved it another way , but request.body coud not be read. Maybe it's not useful or maybe I will have need sometime this. I think it is a limitation that I coud not read it just in case. I attached an entire test with this.
Mihai Corciu
Apr 23, 2016, 5:22:27 PM4/23/16
to Django users
First, I wanted to process multiple file upload because I could not read
all files but just one. I resolved it another way , but request.body
could not be read. Maybe it's not useful or maybe I will have need
sometime this. I think it is a limitation that I could not read it, just
in case. I attached an entire test with this.
This request.body exist so , normally , must be readable.
Thanks.
This request.body exist so , normally , must be readable.
Thanks.
Mihai Corciu
Apr 23, 2016, 5:36:18 PM4/23/16
to Django users
Error says : You cannot access body after reading from request's data stream and CsrfViewMiddleware is accessing before the post request. I disabled it and it worked but this is not a safe solution.
Django docs confirm that:
I attached an example with that situation.
Thanks.
Django docs confirm that:
Accessing request.POST inside
middleware from process_request or process_view will prevent any
view running after the middleware from being able to modify the
upload handlers for the request,
and should normally be avoided.
The CsrfViewMiddleware class can be
considered an exception, as it provides the
csrf_exempt() and
csrf_protect() decorators which allow
views to explicitly control at what point the CSRF validation should occur.
https://docs.djangoproject.com/en/dev/topics/http/middleware/
I attached an example with that situation.
Thanks.
Reply all
Reply to author
Forward
0 new messages