Re: Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Cal Leeming [Simplicity Media Ltd] 
Hi Luke,

Strange, I performed a bare test and I can't seem to reproduce the
problem. I then tried to replicate the problem in the existing code,
and it doesn't happen any more.

Some changes were being made earlier today to our L7 traffic
inspection appliance, so I suspect this might have been the reason for
the blank result on POST (perhaps I hit it in the middle of a change
being made to the appliance rules).

Always annoying to not know 100% what caused a bug :X

Thanks for the quick response anyway, in future I'll make sure to test
on a fresh install before posting to django-developers.

Cal




On Wed, Jul 6, 2011 at 7:22 PM, Cal Leeming [Simplicity Media Ltd]
 wrote:
> Ah, okay I'll do it on both 1.2 and 1.3 to determine if it is/was a bug.
>
> Cal
>
> On Wed, Jul 6, 2011 at 7:18 PM, Luke Plant  wrote:
>> On 06/07/11 18:12, Cal Leeming [Simplicity Media Ltd] wrote:
>>> Hi Luke,
>>>
>>> Thanks for the reply.
>>>
>>> I'll set up a test case in a fresh 1.2 django instance, and will let
>>> you know the results (and the code used).
>>
>> If it's not present in 1.3/trunk, there won't be bug fixes for it
>> (unless it is security related).
>>
>> Luke
>>
>> --
>>  A mosquito cried out in pain:
>>  "A chemist has poisoned my brain!"
>>  The cause of his sorrow
>>  was para-dichloro-
>>  diphenyltrichloroethane
>>
>> Luke Plant || http://lukeplant.me.uk/
>>
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Django developers" group.
>> To post to this group, send email to django-developers@googlegroups.com.
>> To unsubscribe from this group, send email to 
>> django-developers+unsubscr...@googlegroups.com.
>> For more options, visit this group at 
>> http://groups.google.com/group/django-developers?hl=en.
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Cal Leeming [Simplicity Media Ltd] 
Ah, okay I'll do it on both 1.2 and 1.3 to determine if it is/was a bug.

Cal

On Wed, Jul 6, 2011 at 7:18 PM, Luke Plant  wrote:
> On 06/07/11 18:12, Cal Leeming [Simplicity Media Ltd] wrote:
>> Hi Luke,
>>
>> Thanks for the reply.
>>
>> I'll set up a test case in a fresh 1.2 django instance, and will let
>> you know the results (and the code used).
>
> If it's not present in 1.3/trunk, there won't be bug fixes for it
> (unless it is security related).
>
> Luke
>
> --
>  A mosquito cried out in pain:
>  "A chemist has poisoned my brain!"
>  The cause of his sorrow
>  was para-dichloro-
>  diphenyltrichloroethane
>
> Luke Plant || http://lukeplant.me.uk/
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Django developers" group.
> To post to this group, send email to django-developers@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-developers+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-developers?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Luke Plant 
On 06/07/11 18:12, Cal Leeming [Simplicity Media Ltd] wrote:
> Hi Luke,
> 
> Thanks for the reply.
> 
> I'll set up a test case in a fresh 1.2 django instance, and will let
> you know the results (and the code used).

If it's not present in 1.3/trunk, there won't be bug fixes for it
(unless it is security related).

Luke

-- 
 A mosquito cried out in pain:
 "A chemist has poisoned my brain!"
 The cause of his sorrow
 was para-dichloro-
 diphenyltrichloroethane

Luke Plant || http://lukeplant.me.uk/

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Cal Leeming [Simplicity Media Ltd] 
Hi Luke,

Thanks for the reply.

I'll set up a test case in a fresh 1.2 django instance, and will let
you know the results (and the code used).

Cal

On Wed, Jul 6, 2011 at 5:41 PM, Luke Plant  wrote:
> On 06/07/11 15:43, Cal Leeming [Simplicity Media Ltd] wrote:
>> Today I came across a very strange problem.
>>
>> When attempting to post a form (without the CSRF middleware being
>> present in MIDDLEWARE_CLASSES), django would *always* return a blank
>> page. If the post contained no data, it would come back fine, but if
>> it did contain data, it would come back blank.
>>
>> Upon adding the CSRF middleware into the MIDDLEWARE_CLASSES, and
>> adding {% csrf_token %} into the template, it would return back fine
>> (and without csrf_token - it would return back an exception, as it
>> should).
>>
>> Although it is a good thing that it happened (because I did actually
>> forget to include CSRF middleware), I feel that Django should raise an
>> exception (if this is the default behaviour), to tell the user they
>> must enable CSRF middleware, rather than just returning a blank page.
>>
>> Any thoughts??
>
> Sgreed, but there isn't enough information here to work out what is
> going on. Please file a ticket if you can create a test case that will
> reproduce it. I can't think of any code paths in Django that would
> return 'a blank page' (though I'm not sure I know what you mean by that).
>
> Luke
>
>
> --
>  A mosquito cried out in pain:
>  "A chemist has poisoned my brain!"
>  The cause of his sorrow
>  was para-dichloro-
>  diphenyltrichloroethane
>
> Luke Plant || http://lukeplant.me.uk/
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Django developers" group.
> To post to this group, send email to django-developers@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-developers+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-developers?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Luke Plant 
On 06/07/11 15:43, Cal Leeming [Simplicity Media Ltd] wrote:
> Today I came across a very strange problem.
> 
> When attempting to post a form (without the CSRF middleware being
> present in MIDDLEWARE_CLASSES), django would *always* return a blank
> page. If the post contained no data, it would come back fine, but if
> it did contain data, it would come back blank.
> 
> Upon adding the CSRF middleware into the MIDDLEWARE_CLASSES, and
> adding {% csrf_token %} into the template, it would return back fine
> (and without csrf_token - it would return back an exception, as it
> should).
> 
> Although it is a good thing that it happened (because I did actually
> forget to include CSRF middleware), I feel that Django should raise an
> exception (if this is the default behaviour), to tell the user they
> must enable CSRF middleware, rather than just returning a blank page.
> 
> Any thoughts??

Sgreed, but there isn't enough information here to work out what is
going on. Please file a ticket if you can create a test case that will
reproduce it. I can't think of any code paths in Django that would
return 'a blank page' (though I'm not sure I know what you mean by that).

Luke


-- 
 A mosquito cried out in pain:
 "A chemist has poisoned my brain!"
 The cause of his sorrow
 was para-dichloro-
 diphenyltrichloroethane

Luke Plant || http://lukeplant.me.uk/

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Blank page returned on POST if csrf middleware is not configured... bug?

2011-07-06 Thread Cal Leeming [Simplicity Media Ltd] 
Today I came across a very strange problem.

When attempting to post a form (without the CSRF middleware being
present in MIDDLEWARE_CLASSES), django would *always* return a blank
page. If the post contained no data, it would come back fine, but if
it did contain data, it would come back blank.

Upon adding the CSRF middleware into the MIDDLEWARE_CLASSES, and
adding {% csrf_token %} into the template, it would return back fine
(and without csrf_token - it would return back an exception, as it
should).

Although it is a good thing that it happened (because I did actually
forget to include CSRF middleware), I feel that Django should raise an
exception (if this is the default behaviour), to tell the user they
must enable CSRF middleware, rather than just returning a blank page.

Any thoughts??

Cal

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.