Exception: You cannot access body after reading from request's data stream

Question

Since Django 1.5 raw post data is accessible via request.body.

In my application I sometimes get data send via a form and sometimes raw data (json for example). Is there any way to write a function like this that does not fail?

def get_post_var(request, name):
    result = request.POST.get(name)
    if result:
        return result

    post_body = dict(urlparse.parse_qsl(request.body))
    result = post_body.get(name)
    if result:
        return result

    return None

Answer 1

You need call request.data instead request.body, if there's still an error, you need to call request.data ONLY one time (check you view, middleware, or maybe paginator) and if you find that you call it more then one time, add request.data to reference, for example request_data, or smth like this. It's work for me

Answer 2

For those interested to know, I faced this issue:

You cannot access body after reading from request's data stream

when I added 'oauth2_provider.contrib.rest_framework.OAuth2Authentication' in the "REST_FRAMEWORK" like so in the settings.py:

REST_FRAMEWORK = {
   ...
    'DEFAULT_AUTHENTICATION_CLASSES': (
      ...
       'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
      ...
    ),

Of course disabling this will work but not a workaround I would be proud of.

Answer 3

For those with the same error who are not readying the body or POST, I had this same error when I used this line of code in a process_view middleware::

   event = request.event if 'event' in request else None

Solved by settings request.event = None at the top of the function so I could then use:

    event = request.event

Answer 4

Use request.data instead of request.body.

request.data does not read the data stream again.

Answer 5

I was able to read my request.POST after putting @csrf_exempt before my view function. Because CSRF middleware accesses POST data.

Answer 6

Adding to Adam Easterling's answer it is worth noting that Django itself 'violates' the hint of not using request.POST in middleware:

The CsrfViewMiddleware class can be considered an exception, as it provides the csrf_exempt() and csrf_protect() decorators which allow views to explicitly control at what point the CSRF validation should occur.

Which does not sanitilize the violation IMO

Answer 7

The error You cannot access body after reading from request's data stream will be triggered on a request if (1) that request method is POST, (2) that request's POST dictionary is accessed in middleware, in either process_request or process_view and (3) within the view function, request.body is accessed. It is on (3) that the error will be raised, even though the real cause of the bug is (2).

In order to resolve the error, you need to examine your middleware for where it accesses request.POST and modify it such that it doesn't access request.POST anymore.

The Django docs say that middleware should not access request.POST, and this is one consequence of ignoring that recommendation.

Also check out this Django ticket on the issue, which includes the note:

[M]iddleware that hits request.POST should (usually) be considered a bug. It means that the view will be unable to set any custom upload handlers, perform custom parsing of the request body, or enforce permission checks prior to file uploads being accepted.