Fixed #18659 -- Deprecated request.REQUEST and MergeDict (2fb5a51f) · Commits · Dom Sekotill / django

django/contrib/admin/options.py

+8 −4

Original line number	Diff line number	Diff line
		@@ -1284,8 +1284,10 @@ class ModelAdmin(BaseModelAdmin):
		context = dict(self.admin_site.each_context(),
		title=_('Add %s') % force_text(opts.verbose_name),
		adminform=adminForm,
		is_popup=IS_POPUP_VAR in request.REQUEST,
		to_field=request.REQUEST.get(TO_FIELD_VAR),
		is_popup=(IS_POPUP_VAR in request.POST or
		IS_POPUP_VAR in request.GET),
		to_field=request.POST.get(TO_FIELD_VAR,
		request.GET.get(TO_FIELD_VAR)),
		media=media,
		inline_admin_formsets=inline_admin_formsets,
		errors=helpers.AdminErrorList(form, formsets),
		@@ -1357,8 +1359,10 @@ class ModelAdmin(BaseModelAdmin):
		adminform=adminForm,
		object_id=object_id,
		original=obj,
		is_popup=IS_POPUP_VAR in request.REQUEST,
		to_field=request.REQUEST.get(TO_FIELD_VAR),
		is_popup=(IS_POPUP_VAR in request.POST or
		IS_POPUP_VAR in request.GET),
		to_field=request.POST.get(TO_FIELD_VAR,
		request.GET.get(TO_FIELD_VAR)),
		media=media,
		inline_admin_formsets=inline_admin_formsets,
		errors=helpers.AdminErrorList(form, formsets),

+2 −1

Original line number	Diff line number	Diff line
		@@ -144,7 +144,8 @@ class UserAdmin(admin.ModelAdmin):
		'adminForm': adminForm,
		'form_url': form_url,
		'form': form,
		'is_popup': IS_POPUP_VAR in request.REQUEST,
		'is_popup': (IS_POPUP_VAR in request.POST or
		IS_POPUP_VAR in request.GET),
		'add': True,
		'change': False,
		'has_delete_permission': False,

+0 −1

Original line number	Diff line number	Diff line
		@@ -526,7 +526,6 @@ class LoginTest(AuthViewsTestCase):
		req.COOKIES[settings.CSRF_COOKIE_NAME] = token1
		req.method = "POST"
		req.POST = {'username': 'testclient', 'password': password, 'csrfmiddlewaretoken': token1}
		req.REQUEST = req.POST

		# Use POST request to log in
		SessionMiddleware().process_request(req)

+6 −3

Original line number	Diff line number	Diff line
		@@ -28,7 +28,8 @@ def login(request, template_name='registration/login.html',
		"""
		Displays the login form and handles the login action.
		"""
		redirect_to = request.REQUEST.get(redirect_field_name, '')
		redirect_to = request.POST.get(redirect_field_name,
		request.GET.get(redirect_field_name, ''))

		if request.method == "POST":
		form = authentication_form(request, data=request.POST)
		@@ -71,8 +72,10 @@ def logout(request, next_page=None,
		if next_page is not None:
		next_page = resolve_url(next_page)

		if redirect_field_name in request.REQUEST:
		next_page = request.REQUEST[redirect_field_name]
		if (redirect_field_name in request.POST or
		redirect_field_name in request.GET):
		next_page = request.POST.get(redirect_field_name,
		request.GET.get(redirect_field_name))
		# Security check -- don't allow redirection to a different host.
		if not is_safe_url(url=next_page, host=request.get_host()):
		next_page = request.path

+3 −0

Original line number	Diff line number	Diff line
		@@ -5,6 +5,7 @@ import logging
		import sys
		from io import BytesIO
		from threading import Lock
		import warnings

		from django import http
		from django.conf import settings
		@@ -129,6 +130,8 @@ class WSGIRequest(http.HttpRequest):
		return content_type, content_params

		def _get_request(self):
		warnings.warn('`request.REQUEST` is deprecated, use `request.GET` or '
		'`request.POST` instead.', PendingDeprecationWarning, 2)
		if not hasattr(self, '_request'):
		self._request = datastructures.MergeDict(self.POST, self.GET)
		return self._request