Use of webob.Reponse in AuthProtocol middleware break content-type handling
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
keystonemiddleware |
Fix Released
|
High
|
Jamie Lennox |
Bug Description
Commit 675729be2e30732
If the self._app returns a response with no content-type then webob will apply a default header[2]. For responses that have bodies this is okay, but for responses that do not, such as 204 or 304 this is invalid and breaks tests that lint WSGI responses[3].
Earlier versions of keystonemiddleware didn't use webob so this problem didn't raise its head.
One might argue that the bug here is in webob (I'll report one there too) but in the meantime a solution might be to create a subclass of Response (or otherwise invade Reponse) that does not have a default_
[2] https:/
Changed in keystonemiddleware: | |
assignee: | nobody → Jamie Lennox (jamielennox) |
status: | Confirmed → In Progress |
Changed in keystonemiddleware: | |
status: | In Progress → Fix Committed |
Changed in keystonemiddleware: | |
milestone: | none → 2.1.0 |
status: | Fix Committed → Fix Released |
We should definitely fix this in ksm, but I would agree the behavior in WebOb is questionable. We have to deal with similar behaviors in Keystone already: http:// git.openstack. org/cgit/ openstack/ keystone/ tree/keystone/ common/ wsgi.py# n770
I wouldn't be surprised if they mark the bug as "won't fix" because it would break their consumers who may be expecting that behavior.