You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 23, 2020. It is now read-only.
when posting a file while using DigestAuth as authentication method, an empty file is uploaded instead
Expected behaviour
The file should be uploaded with its correct content
Actual behaviour
A file with no content is uploaded
Steps to reproduce
FlaskDigestAuthServer.py
from flask import Flask, flash, request, redirect
from flask_httpauth import HTTPDigestAuth
app = Flask(__name__)
app.config['SECRET_KEY'] = 'secret key here'
auth = HTTPDigestAuth()
users = {
"root": "root",
}
@auth.get_password
def get_pw(username):
if username in users:
return users.get(username)
return None
@app.route('/', methods=['GET', 'POST'])
@auth.login_required
def upload_file():
if request.method == 'POST':
# check if the post request has the file part
if 'file' not in request.files:
flash('No file part')
return redirect(request.url)
file = request.files['file']
fileContent = file.read().decode()
if fileContent == '':
return 'file was empty'
else:
return fileContent
return '''
<!doctype html>
<title>Upload new File</title>
<h1>Upload new File</h1>
<form method=post enctype=multipart/form-data>
<input type=file name=file>
<input type=submit value=Upload>
</form>
'''
if __name__ == '__main__':
app.run(port=1337)
TestFileUpload.py
from pulsar.apps import http
from tempfile import NamedTemporaryFile
import asyncio
async def request():
with NamedTemporaryFile() as tmpFile:
tmpFile.write('hello world'.encode())
tmpFile.seek(0)
sessions = http.HttpClient()
resp = await sessions.post(
'http://127.0.0.1:1337/',
files={'file': tmpFile},
auth=http.HTTPDigestAuth('root', 'root')
)
print(resp.text)
asyncio.get_event_loop().run_until_complete(request())
The server responds with 'file was empty' even the file had the content 'hello world'
As soon as one comments out the '@auth.login_required' from the server and the 'auth=http.HTTPDigestAuth('root', 'root')' of the client, the file content is returned correctly
This is not an issue of Flask. I noticed this this bug while trying to upload a file to some digestAuth enabled lighttpd server
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2.0.2
3.6.5
Linux/Ubuntu16.04
Description
when posting a file while using DigestAuth as authentication method, an empty file is uploaded instead
Expected behaviour
The file should be uploaded with its correct content
Actual behaviour
A file with no content is uploaded
Steps to reproduce
FlaskDigestAuthServer.py
TestFileUpload.py
The server responds with 'file was empty' even the file had the content 'hello world'
As soon as one comments out the '@auth.login_required' from the server and the 'auth=http.HTTPDigestAuth('root', 'root')' of the client, the file content is returned correctly
This is not an issue of Flask. I noticed this this bug while trying to upload a file to some digestAuth enabled lighttpd server
The text was updated successfully, but these errors were encountered: