Fixed #27226 -- Removed patch_response_headers()'s setting of the Last-Modified header.

django/utils/cache.py

@@ -229,8 +229,8 @@ def _if_modified_since_passes(last_modified, if_modified_since):
 
 def patch_response_headers(response, cache_timeout=None):
     """
-    Adds some useful headers to the given HttpResponse object:
-        ETag, Last-Modified, Expires and Cache-Control
+    Add HTTP caching headers to the given HttpResponse: Expires and
+    Cache-Control.
 
     Each header is only added if it isn't already set.
 
@@ -246,8 +246,6 @@ def patch_response_headers(response, cache_timeout=None):
             response.add_post_render_callback(set_response_etag)
         else:
             response = set_response_etag(response)
-    if not response.has_header('Last-Modified'):
-        response['Last-Modified'] = http_date()
     if not response.has_header('Expires'):
         response['Expires'] = http_date(time.time() + cache_timeout)
     patch_cache_control(response, max_age=cache_timeout)

docs/ref/utils.txt

@@ -53,7 +53,6 @@ need to distinguish caches by the ``Accept-language`` header.
     Adds some useful headers to the given ``HttpResponse`` object:
 
     * ``ETag``
-    * ``Last-Modified``
     * ``Expires``
     * ``Cache-Control``
 
@@ -62,6 +61,10 @@ need to distinguish caches by the ``Accept-language`` header.
     ``cache_timeout`` is in seconds. The :setting:`CACHE_MIDDLEWARE_SECONDS`
     setting is used by default.
 
+    .. versionchanged:: 1.11
+
+        In older versions, the ``Last-Modified`` header was also set.
+
 .. function:: add_never_cache_headers(response)
 
     Adds a ``Cache-Control: max-age=0, no-cache, no-store, must-revalidate``

docs/releases/1.11.txt

@@ -539,6 +539,14 @@ Miscellaneous
   :rfc:`7232` Conditional Requests specification rather than the older
   :rfc:`2616`.
 
+* :func:`~django.utils.cache.patch_response_headers` no longer adds a
+  ``Last-Modified`` header. According to the :rfc:`7234#section-4.2.2`, this
+  header is useless alongside other caching headers that provide an explicit
+  expiration time, e.g. ``Expires`` or ``Cache-Control``.
+  :class:`~django.middleware.cache.UpdateCacheMiddleware` and
+  :func:`~django.utils.cache.add_never_cache_headers` call
+  ``patch_response_headers()`` and therefore are also affected by this change.
+
 * In the admin templates, ``<p class="help">`` is replaced with a ``<div>`` tag
   to allow including lists inside help text.
 

docs/topics/cache.txt

@@ -528,15 +528,16 @@ return a cached GET response for HEAD request.
 Additionally, ``UpdateCacheMiddleware`` automatically sets a few headers in each
 :class:`~django.http.HttpResponse`:
 
-* Sets the ``Last-Modified`` header to the current date/time when a fresh
-  (not cached) version of the page is requested.
-
 * Sets the ``Expires`` header to the current date/time plus the defined
   :setting:`CACHE_MIDDLEWARE_SECONDS`.
 
 * Sets the ``Cache-Control`` header to give a max age for the page --
   again, from the :setting:`CACHE_MIDDLEWARE_SECONDS` setting.
 
+.. versionchanged:: 1.11
+
+    In older versions, the ``Last-Modified`` header was also set.
+
 See :doc:`/topics/http/middleware` for more on middleware.
 
 If a view sets its own cache expiry time (i.e. it has a ``max-age`` section in