def post(self, request, *args, **kwargs): if request.POST.get('filetype') == 'file': field = FileField elif request.POST.get('filetype') == 'image': field = ImageField else: raise SuspiciousMultipartForm( "Missing attribute 'filetype' in form data.") data = {} for name, file_obj in request.FILES.items(): data[name] = field.preview(file_obj) return JsonResponse(data)
def done(self, form_list, **kwargs): self.is_done = True form_dict = kwargs.get('form_dict', {}) upload_form = form_dict.get('upload', None) if not upload_form: raise SuspiciousMultipartForm( 'Could not find the formular for the upload step.') cleaned_data = upload_form.cleaned_data files = [] if cleaned_data: files = [file.name for file in cleaned_data.get('file_field', [])] return self.render(self.templates['done'], files=files)
def _update_unget_history(self, num_bytes): """ Updates the unget history as a sanity check to see if we've pushed back the same number of bytes in one chunk. If we keep ungetting the same number of bytes many times (here, 50), we're mostly likely in an infinite loop of some sort. This is usually caused by a maliciously-malformed MIME request. """ self._unget_history = [num_bytes] + self._unget_history[:49] number_equal = len([current_number for current_number in self._unget_history if current_number == num_bytes]) if number_equal > 40: raise SuspiciousMultipartForm( "The multipart parser got stuck, which shouldn't happen with" " normal uploaded files. Check for malicious upload activity;" " if there is none, report this to the Django developers." )