[1.3.X] Fixed #16632 -- Crash on responses without Content-Type with IE. Backport of r17196.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@17198 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11 10:09:15 +00:00 · 2011-12-11 10:09:15 +00:00 · b5853cf043
parent 68f37a9081
commit b5853cf043
2 changed files with 50 additions and 1 deletions
--- a/django/http/utils.py
+++ b/django/http/utils.py
@ -76,7 +76,8 @@ def fix_IE_for_vary(request, response):

    # The first part of the Content-Type field will be the MIME type,
    # everything after ';', such as character-set, can be ignored.
-    if response['Content-Type'].split(';')[0] not in safe_mime_types:
+    mime_type = response.get('Content-Type', '').partition(';')[0]
+    if mime_type not in safe_mime_types:
        try:
            del response['Vary']
        except KeyError:
--- a/tests/regressiontests/utils/http.py
+++ b/tests/regressiontests/utils/http.py
@ -1,5 +1,7 @@
 from django.utils import http
 from django.utils import unittest
+from django.http import HttpResponse, utils
+from django.test import RequestFactory

 class TestUtilsHttp(unittest.TestCase):

@ -21,3 +23,49 @@ class TestUtilsHttp(unittest.TestCase):
        self.assertFalse(http.same_origin('http://foo.com', 'http://foo.com.evil.com'))
        # Different port
        self.assertFalse(http.same_origin('http://foo.com:8000', 'http://foo.com:8001'))
+
+    def test_fix_IE_for_vary(self):
+        """
+        Regression for #16632.
+
+        `fix_IE_for_vary` shouldn't crash when there's no Content-Type header.
+        """
+
+        # functions to generate responses
+        def response_with_unsafe_content_type():
+            r = HttpResponse(content_type="text/unsafe")
+            r['Vary'] = 'Cookie'
+            return r
+
+        def no_content_response_with_unsafe_content_type():
+            # 'Content-Type' always defaulted, so delete it
+            r = response_with_unsafe_content_type()
+            del r['Content-Type']
+            return r
+
+        # request with & without IE user agent
+        rf = RequestFactory()
+        request = rf.get('/')
+        ie_request = rf.get('/', HTTP_USER_AGENT='MSIE')
+
+        # not IE, unsafe_content_type
+        response = response_with_unsafe_content_type()
+        utils.fix_IE_for_vary(request, response)
+        self.assertTrue('Vary' in response)
+
+        # IE, unsafe_content_type
+        response = response_with_unsafe_content_type()
+        utils.fix_IE_for_vary(ie_request, response)
+        self.assertFalse('Vary' in response)
+
+        # not IE, no_content
+        response = no_content_response_with_unsafe_content_type()
+        utils.fix_IE_for_vary(request, response)
+        self.assertTrue('Vary' in response)
+
+        # IE, no_content
+        response = no_content_response_with_unsafe_content_type()
+        utils.fix_IE_for_vary(ie_request, response)
+        self.assertFalse('Vary' in response)
+
+