2007-07-16 11:50:22 +08:00
|
|
|
from email.Utils import formatdate
|
2005-10-09 08:55:08 +08:00
|
|
|
|
2006-06-08 13:00:13 +08:00
|
|
|
class ConditionalGetMiddleware(object):
|
2005-10-09 08:55:08 +08:00
|
|
|
"""
|
|
|
|
Handles conditional GET operations. If the response has a ETag or
|
|
|
|
Last-Modified header, and the request has If-None-Match or
|
|
|
|
If-Modified-Since, the response is replaced by an HttpNotModified.
|
|
|
|
|
|
|
|
Removes the content from any response to a HEAD request.
|
|
|
|
|
|
|
|
Also sets the Date and Content-Length response-headers.
|
|
|
|
"""
|
|
|
|
def process_response(self, request, response):
|
2007-07-16 11:50:22 +08:00
|
|
|
response['Date'] = formatdate()[:26] + "GMT"
|
2005-10-09 08:55:08 +08:00
|
|
|
if not response.has_header('Content-Length'):
|
|
|
|
response['Content-Length'] = str(len(response.content))
|
|
|
|
|
|
|
|
if response.has_header('ETag'):
|
|
|
|
if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None)
|
|
|
|
if if_none_match == response['ETag']:
|
|
|
|
response.status_code = 304
|
|
|
|
response.content = ''
|
|
|
|
response['Content-Length'] = '0'
|
|
|
|
|
|
|
|
if response.has_header('Last-Modified'):
|
|
|
|
last_mod = response['Last-Modified']
|
|
|
|
if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None)
|
|
|
|
if if_modified_since == response['Last-Modified']:
|
|
|
|
response.status_code = 304
|
|
|
|
response.content = ''
|
|
|
|
response['Content-Length'] = '0'
|
|
|
|
|
2006-06-20 12:34:13 +08:00
|
|
|
if request.method == 'HEAD':
|
2005-10-09 08:55:08 +08:00
|
|
|
response.content = ''
|
|
|
|
|
|
|
|
return response
|
2006-08-18 11:12:36 +08:00
|
|
|
|
|
|
|
class SetRemoteAddrFromForwardedFor(object):
|
|
|
|
"""
|
|
|
|
Middleware that sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, if the
|
|
|
|
latter is set. This is useful if you're sitting behind a reverse proxy that
|
|
|
|
causes each request's REMOTE_ADDR to be set to 127.0.0.1.
|
|
|
|
|
|
|
|
Note that this does NOT validate HTTP_X_FORWARDED_FOR. If you're not behind
|
|
|
|
a reverse proxy that sets HTTP_X_FORWARDED_FOR automatically, do not use
|
|
|
|
this middleware. Anybody can spoof the value of HTTP_X_FORWARDED_FOR, and
|
|
|
|
because this sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, that means
|
|
|
|
anybody can "fake" their IP address. Only use this when you can absolutely
|
|
|
|
trust the value of HTTP_X_FORWARDED_FOR.
|
|
|
|
"""
|
|
|
|
def process_request(self, request):
|
|
|
|
try:
|
|
|
|
real_ip = request.META['HTTP_X_FORWARDED_FOR']
|
|
|
|
except KeyError:
|
|
|
|
return None
|
|
|
|
else:
|
|
|
|
# HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs.
|
2007-09-17 00:54:16 +08:00
|
|
|
# Take just the last one.
|
|
|
|
# See http://bob.pythonmac.org/archives/2005/09/23/apache-x-forwarded-for-caveat/
|
|
|
|
real_ip = real_ip.split(",")[-1].strip()
|
2006-08-18 11:12:36 +08:00
|
|
|
request.META['REMOTE_ADDR'] = real_ip
|