Fixed #4148 -- Changed the way attachments are served to IE to avoid some

caching and header-related bugs there. Only comes into play when Internet Explorer is the user-agent. Patch from Michael Axiak, with testing from Axis_of_Entropy and Karen Tracey. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7856 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-07 01:45:19 +00:00 · 2008-07-07 01:45:19 +00:00 · 8975bba742
parent 6048389391
commit 8975bba742
2 changed files with 57 additions and 2 deletions
--- a/django/core/handlers/base.py
+++ b/django/core/handlers/base.py
@ -6,8 +6,12 @@ from django.dispatch import dispatcher

 class BaseHandler(object):
    # Changes that are always applied to a response (in this order).
-    response_fixes = [http.fix_location_header,
-            http.conditional_content_removal]
+    response_fixes = [
+        http.fix_location_header,
+        http.conditional_content_removal,
+        http.fix_IE_for_attach,
+        http.fix_IE_for_vary,
+    ]

    def __init__(self):
        self._request_middleware = self._view_middleware = self._response_middleware = self._exception_middleware = None
--- a/django/http/utils.py
+++ b/django/http/utils.py
@ -31,3 +31,54 @@ def conditional_content_removal(request, response):
    if request.method == 'HEAD':
        response.content = ''
    return response
+
+def fix_IE_for_attach(request, response):
+    """
+    This function will prevent Django from serving a Content-Disposition header
+    while expecting the browser to cache it (only when the browser is IE). This
+    leads to IE not allowing the client to download.
+    """
+    if 'MSIE' not in request.META.get('HTTP_USER_AGENT', '').upper():
+        return response
+
+    offending_headers = ('no-cache', 'no-store')
+    if response.has_header('Content-Disposition'):
+        try:
+            del response['Pragma']
+        except KeyError:
+            pass
+        if response.has_header('Cache-Control'):
+            cache_control_values = [value.strip() for value in
+                    response['Cache-Control'].split(',')
+                    if value.strip().lower() not in offending_headers]
+
+            if not len(cache_control_values):
+                del response['Cache-Control']
+            else:
+                response['Cache-Control'] = ', '.join(cache_control_values)
+
+    return response
+
+def fix_IE_for_vary(request, response):
+    """
+    This function will fix the bug reported at
+    http://support.microsoft.com/kb/824847/en-us?spid=8722&sid=global
+    by clearing the Vary header whenever the mime-type is not safe
+    enough for Internet Explorer to handle.  Poor thing.
+    """
+    if 'MSIE' not in request.META.get('HTTP_USER_AGENT', '').upper():
+        return response
+
+    # These mime-types that are decreed "Vary-safe" for IE:
+    safe_mime_types = ('text/html', 'text/plain', 'text/sgml')
+
+    # The first part of the Content-Type field will be the MIME type,
+    # everything after ';', such as character-set, can be ignored.
+    if response['Content-Type'].split(';')[0] not in safe_mime_types:
+        try:
+            del response['Vary']
+        except KeyError:
+            pass
+
+    return response
+