Middleware can break django piston PUT/POST coercion
Here is the exception that first got me onto this bug (for googlers):
//AttributeError: You cannot set the upload handlers after the upload has been processed.//
After much debugging, I discovered that I was using request middleware that inspects POST data for a session key:
class PostSessionMiddleware(SessionMiddleware): """Session middleware that supports extracting the session id from post data."""
def process_request(self, request): session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None) if session_key is None: session_key = request.POST.get(settings.SESSION_COOKIE_NAME, None) engine = import_module(settings.SESSION_ENGINE) request.session = engine.SessionStore(session_key)
This middleware is required if you use sessions to maintain authentication and want to send authenticated put requests via flash, which doesn't send browser cookies.
The request middleware is run before piston code is called, and so by the time piston does get called, the request PUT/POST data has already been processed, and piston.utils.coerce_put_post fails with the above exception.
I don't feel comfortable enough with the internals of Django's request processing to know what the best solution is, but something that at least works with django 1.1 is to only run coerce_put_post if not hasattr(request, "_files").
I will be fixing this in my fork shortly.