On Tue, 2008-01-08 at 22:45 -0600, Gary Wilson Jr. wrote: > Malcolm Tredinnick wrote: > > Hey Gary, > > > > On Tue, 2008-01-08 at 00:35 -0600, Gary Wilson Jr. wrote: > > [...] > >> So, looking at a couple places in Django trunk where response.content is > >> used, > >> these look like bugs: > >> > >> > >> django.contrib.csrf.middleware.CsrfMiddleware.process_response: > >> > >> def process_response(self, request, response): > >> ... > >> response.content = _POST_FORM_RE.sub(add_csrf_field, response.content) > >> ... > > > > This isn't a bug, but it's subtle. There is only a problem if you are > > trying to substitute a Python unicode object into a bytestring. That's > > because Python tries to coerce the two elements into the same type > > (unicode in this case) and it uses the "ascii" codec by default. If you > > try to substitute a bytestring into a bytestring, no problems. > > I was thinking that two differently-encoded bytestrings could cause problems, > unless... Are _all_ the valid HTTP character encodings supersets of ascii?
I'm not saying it makes sense to do this, just that it works without raising a Python error because no type coercion takes place. Doing substitutions on raw bytes is legal. Not all encodings are supersets of ASCII, since the question doesn't make sense in many situations. What's the character set encoding of a PNG image? :-) It might even be that some text encodings fail to meet that requirement, but they clearly aren't that common and it's only going to be a requirement for legacy systems (in which case, most middleware is unlikely to be useful: if a legacy system can't even understand UTF-8, understanding things like E-tags and gzip encodings will be beyond it). We're making some not-unreasonable simplifying assumptions and making things completely subclassable for people who want to go further. As the need arises to incorporate stuff in core, we can do it. Because we need to, not just because we can. At the moment, this hasn't really been a huge issue and it looks solvable with one attribute being added. Cheers, Malcolm -- Why can't you be a non-conformist like everyone else? http://www.pointy-stick.com/blog/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
