2009-07-29 13:35:51 +08:00
|
|
|
from django.core.exceptions import MiddlewareNotUsed
|
2007-10-31 11:59:40 +08:00
|
|
|
from django.utils.http import http_date
|
2005-10-09 08:55:08 +08:00
|
|
|
|
2006-06-08 13:00:13 +08:00
|
|
|
class ConditionalGetMiddleware(object):
|
2005-10-09 08:55:08 +08:00
|
|
|
"""
|
|
|
|
Handles conditional GET operations. If the response has a ETag or
|
|
|
|
Last-Modified header, and the request has If-None-Match or
|
|
|
|
If-Modified-Since, the response is replaced by an HttpNotModified.
|
|
|
|
|
|
|
|
Also sets the Date and Content-Length response-headers.
|
|
|
|
"""
|
|
|
|
def process_response(self, request, response):
|
2007-10-31 11:59:40 +08:00
|
|
|
response['Date'] = http_date()
|
2005-10-09 08:55:08 +08:00
|
|
|
if not response.has_header('Content-Length'):
|
|
|
|
response['Content-Length'] = str(len(response.content))
|
|
|
|
|
|
|
|
if response.has_header('ETag'):
|
|
|
|
if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None)
|
|
|
|
if if_none_match == response['ETag']:
|
2007-11-11 11:55:44 +08:00
|
|
|
# Setting the status is enough here. The response handling path
|
|
|
|
# automatically removes content for this status code (in
|
|
|
|
# http.conditional_content_removal()).
|
2008-06-30 15:03:58 +08:00
|
|
|
response.status_code = 304
|
2005-10-09 08:55:08 +08:00
|
|
|
|
|
|
|
if response.has_header('Last-Modified'):
|
|
|
|
if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None)
|
|
|
|
if if_modified_since == response['Last-Modified']:
|
2007-11-11 11:55:44 +08:00
|
|
|
# Setting the status code is enough here (same reasons as
|
|
|
|
# above).
|
2008-06-30 15:03:58 +08:00
|
|
|
response.status_code = 304
|
2005-10-09 08:55:08 +08:00
|
|
|
|
|
|
|
return response
|
2006-08-18 11:12:36 +08:00
|
|
|
|
|
|
|
class SetRemoteAddrFromForwardedFor(object):
|
|
|
|
"""
|
2009-07-29 13:35:51 +08:00
|
|
|
This middleware has been removed; see the Django 1.1 release notes for
|
|
|
|
details.
|
|
|
|
|
|
|
|
It previously set REMOTE_ADDR based on HTTP_X_FORWARDED_FOR. However, after
|
|
|
|
investiagtion, it turns out this is impossible to do in a general manner:
|
|
|
|
different proxies treat the X-Forwarded-For header differently. Thus, a
|
|
|
|
built-in middleware can lead to application-level security problems, and so
|
|
|
|
this was removed in Django 1.1
|
|
|
|
|
2006-08-18 11:12:36 +08:00
|
|
|
"""
|
2009-07-29 13:35:51 +08:00
|
|
|
def __init__(self):
|
|
|
|
import warnings
|
|
|
|
warnings.warn("SetRemoteAddrFromForwardedFor has been removed. "
|
|
|
|
"See the Django 1.1 release notes for details.",
|
|
|
|
category=DeprecationWarning)
|
|
|
|
raise MiddlewareNotUsed()
|