From dfd4a7175119ddb422d8426dcc15902265d5a428 Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Sat, 20 Oct 2012 14:33:57 +0200 Subject: Fixed #5611 -- Restricted accepted content types in parsing POST data Thanks paulegan for the report and Preston Holmes for the review. --- docs/ref/request-response.txt | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'docs/ref') diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt index 0a337eba42..d7266f0aff 100644 --- a/docs/ref/request-response.txt +++ b/docs/ref/request-response.txt @@ -92,8 +92,14 @@ All attributes should be considered read-only, unless stated otherwise below. .. attribute:: HttpRequest.POST - A dictionary-like object containing all given HTTP POST parameters. See the - :class:`QueryDict` documentation below. + A dictionary-like object containing all given HTTP POST parameters, + providing that the request contains form data. See the + :class:`QueryDict` documentation below. If you need to access raw or + non-form data posted in the request, access this through the + :attr:`HttpRequest.body` attribute instead. + + .. versionchanged:: 1.5 + Before Django 1.5, HttpRequest.POST contained non-form data. It's possible that a request can come in via POST with an empty ``POST`` dictionary -- if, say, a form is requested via the POST HTTP method but -- cgit v1.3