from email.Utils import formatdate class ConditionalGetMiddleware(object): """ Handles conditional GET operations. If the response has a ETag or Last-Modified header, and the request has If-None-Match or If-Modified-Since, the response is replaced by an HttpNotModified. Removes the content from any response to a HEAD request. Also sets the Date and Content-Length response-headers. """ def process_response(self, request, response): response['Date'] = formatdate()[:26] + "GMT" if not response.has_header('Content-Length'): response['Content-Length'] = str(len(response.content)) if response.has_header('ETag'): if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None) if if_none_match == response['ETag']: response.status_code = 304 response.content = '' response['Content-Length'] = '0' if response.has_header('Last-Modified'): last_mod = response['Last-Modified'] if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None) if if_modified_since == response['Last-Modified']: response.status_code = 304 response.content = '' response['Content-Length'] = '0' if request.method == 'HEAD': response.content = '' return response class SetRemoteAddrFromForwardedFor(object): """ Middleware that sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, if the latter is set. This is useful if you're sitting behind a reverse proxy that causes each request's REMOTE_ADDR to be set to 127.0.0.1. Note that this does NOT validate HTTP_X_FORWARDED_FOR. If you're not behind a reverse proxy that sets HTTP_X_FORWARDED_FOR automatically, do not use this middleware. Anybody can spoof the value of HTTP_X_FORWARDED_FOR, and because this sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, that means anybody can "fake" their IP address. Only use this when you can absolutely trust the value of HTTP_X_FORWARDED_FOR. """ def process_request(self, request): try: real_ip = request.META['HTTP_X_FORWARDED_FOR'] except KeyError: return None else: # HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs. # Take just the first one. real_ip = real_ip.split(",")[0] request.META['REMOTE_ADDR'] = real_ip