Hidden Assumptions in starlette

Multipart form fields fit in memory as bytearray objects. Each MultipartPart stores field data in a bytearray that grows as data arrives.

If this fails: Large multipart fields (like base64-encoded files submitted as form data) will consume unbounded memory. A 100MB base64 field will use ~133MB RAM per concurrent upload.

Environment variables are only set during application startup before any values are read. The _has_been_read tracking prevents modification of already-accessed env vars.

If this fails: Runtime configuration updates fail silently or crash with EnvironError. Hot configuration reloads in production become impossible once the app has started reading config values.

Middleware order in the sequence parameter determines execution order. The framework doesn't validate or document that ServerErrorMiddleware must be outermost and ExceptionMiddleware innermost.

If this fails: If users place their own middleware outside ServerErrorMiddleware, unhandled exceptions won't be caught properly. Request/response modifications by incorrectly ordered middleware can bypass security checks.

allow_origin_regex parameter contains valid regex syntax. The code compiles it with re.compile(allow_origin_regex) without validation.

If this fails: Invalid regex patterns cause the application to crash at startup with re.error. The error message doesn't clearly indicate it's from CORS configuration, making debugging difficult.

max_age=600 seconds is appropriate for all use cases. The default 10-minute preflight cache duration is hardcoded without considering varying security requirements.

If this fails: High-security applications may cache preflight responses too long, while high-traffic APIs may generate excessive preflight requests due to short cache duration. No guidance provided for tuning this value.

HTTP method names are always uppercase strings matching exact method names ('GET', 'POST', etc). The code checks for lowercase method names as attributes but stores uppercase strings.

If this fails: Custom HTTP methods or case-sensitive method handling won't work correctly. Non-standard methods like 'PATCH' variants or WebDAV methods ('PROPFIND') are silently ignored.

is_async_callable() correctly detects async functions and that threadpool execution is always available. No fallback handling if threadpool is unavailable.

If this fails: If threadpool is exhausted or unavailable, sync background tasks will block the event loop indefinitely. Incorrect async detection could cause sync functions to be awaited directly.

Exception handlers are callable objects that accept (request, exc) parameters and return Response objects. No signature validation is performed when adding handlers.

If this fails: Invalid exception handlers cause crashes when exceptions occur rather than at registration time. A handler that expects different parameters will fail with TypeError during request processing.

Environment variable access patterns are single-threaded or that the _has_been_read set is thread-safe. The tracking uses a plain Python set without locking.

If this fails: In multi-threaded scenarios (like with threading-based ASGI servers), race conditions can occur where env vars appear unread when they were actually read by another thread, leading to inconsistent EnvironError exceptions.