test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed #15201: Marked CACHE_MIDDLEWARE_ANONYMOUS_ONLY as deprecated

This commit is contained in:
Łukasz Langa 2013-05-18 16:10:14 +02:00 committed by Aymeric Augustin
parent 398841d6d3
commit bd97f7d0cb
7 changed files with 39 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
django/middleware/cache.py
View File

@ -29,11 +29,6 @@ More details about how the caching works:
of the response's "Cache-Control" header, falling back to the of the response's "Cache-Control" header, falling back to the
CACHE_MIDDLEWARE_SECONDS setting if the section was not found. CACHE_MIDDLEWARE_SECONDS setting if the section was not found.
* If CACHE_MIDDLEWARE_ANONYMOUS_ONLY is set to True, only anonymous requests
(i.e., those not made by a logged-in user) will be cached. This is a simple
and effective way of avoiding the caching of the Django admin (and any other
user-specific content).
* This middleware expects that a HEAD request is answered with the same response * This middleware expects that a HEAD request is answered with the same response
headers exactly like the corresponding GET request. headers exactly like the corresponding GET request.
@ -48,6 +43,8 @@ More details about how the caching works:
""" """
import warnings
from django.conf import settings from django.conf import settings
from django.core.cache import get_cache, DEFAULT_CACHE_ALIAS from django.core.cache import get_cache, DEFAULT_CACHE_ALIAS
from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age
@ -200,5 +197,9 @@ class CacheMiddleware(UpdateCacheMiddleware, FetchFromCacheMiddleware):
else: else:
self.cache_anonymous_only = cache_anonymous_only self.cache_anonymous_only = cache_anonymous_only
if self.cache_anonymous_only:
msg = "CACHE_MIDDLEWARE_ANONYMOUS_ONLY has been deprecated and will be removed in Django 1.8."
warnings.warn(msg, PendingDeprecationWarning, stacklevel=1)
self.cache = get_cache(self.cache_alias, **cache_kwargs) self.cache = get_cache(self.cache_alias, **cache_kwargs)
self.cache_timeout = self.cache.default_timeout self.cache_timeout = self.cache.default_timeout

6
docs/faq/admin.txt
View File

@ -27,12 +27,6 @@ account has :attr:`~django.contrib.auth.models.User.is_active` and
:attr:`~django.contrib.auth.models.User.is_staff` set to True. The admin site :attr:`~django.contrib.auth.models.User.is_staff` set to True. The admin site
only allows access to users with those two fields both set to True. only allows access to users with those two fields both set to True.
How can I prevent the cache middleware from caching the admin site?
-------------------------------------------------------------------
Set the :setting:`CACHE_MIDDLEWARE_ANONYMOUS_ONLY` setting to ``True``. See the
:doc:`cache documentation </topics/cache>` for more information.
How do I automatically set a field's value to the user who last edited the object in the admin? How do I automatically set a field's value to the user who last edited the object in the admin?
----------------------------------------------------------------------------------------------- -----------------------------------------------------------------------------------------------

2
docs/internals/deprecation.txt
View File

@ -390,6 +390,8 @@ these changes.
``django.test.testcases.OutputChecker`` will be removed. Instead use the ``django.test.testcases.OutputChecker`` will be removed. Instead use the
doctest module from the Python standard library. doctest module from the Python standard library.
* The ``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting will be removed.
2.0 2.0
--- ---

8
docs/ref/settings.txt
View File

@ -280,6 +280,12 @@ CACHE_MIDDLEWARE_ANONYMOUS_ONLY
Default: ``False`` Default: ``False``
.. deprecated:: 1.6
This setting was largely ineffective because of using cookies for sessions
and CSRF. See the :doc:`Django 1.6 release notes</releases/1.6>` for more
information.
If the value of this setting is ``True``, only anonymous requests (i.e., not If the value of this setting is ``True``, only anonymous requests (i.e., not
those made by a logged-in user) will be cached. Otherwise, the middleware those made by a logged-in user) will be cached. Otherwise, the middleware
caches every page that doesn't have GET or POST parameters. caches every page that doesn't have GET or POST parameters.
@ -287,8 +293,6 @@ caches every page that doesn't have GET or POST parameters.
If you set the value of this setting to ``True``, you should make sure you've If you set the value of this setting to ``True``, you should make sure you've
activated ``AuthenticationMiddleware``. activated ``AuthenticationMiddleware``.
See :doc:`/topics/cache`.
.. setting:: CACHE_MIDDLEWARE_KEY_PREFIX .. setting:: CACHE_MIDDLEWARE_KEY_PREFIX
CACHE_MIDDLEWARE_KEY_PREFIX CACHE_MIDDLEWARE_KEY_PREFIX

17
docs/releases/1.6.txt
View File

@ -569,6 +569,23 @@ If necessary, you can temporarily disable auto-escaping with
:func:`~django.utils.safestring.mark_safe` or :ttag:`{% autoescape off %} :func:`~django.utils.safestring.mark_safe` or :ttag:`{% autoescape off %}
<autoescape>`. <autoescape>`.
``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
``CacheMiddleware`` used to provide a way to cache requests only if they
weren't made by a logged-in user. This mechanism was largely ineffective
because the middleware correctly takes into account the ``Vary: Cookie`` HTTP
header, and this header is being set on a variety of occasions, such as:
* accessing the session, or
* using CSRF protection, which is turned on by default, or
* using a client-side library which sets cookies, like `Google Analytics`__.
This makes the cache effectively work on a per-session basis regardless of the
``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting.
__ http://www.google.com/analytics/
``SEND_BROKEN_LINK_EMAILS`` setting ``SEND_BROKEN_LINK_EMAILS`` setting
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

12
docs/topics/cache.txt
View File

@ -443,15 +443,9 @@ Then, add the following required settings to your Django settings file:
The cache middleware caches GET and HEAD responses with status 200, where the request The cache middleware caches GET and HEAD responses with status 200, where the request
and response headers allow. Responses to requests for the same URL with different and response headers allow. Responses to requests for the same URL with different
query parameters are considered to be unique pages and are cached separately. query parameters are considered to be unique pages and are cached separately.
Optionally, if the :setting:`CACHE_MIDDLEWARE_ANONYMOUS_ONLY` The cache middleware expects that a HEAD request is answered with the same
setting is ``True``, only anonymous requests (i.e., not those made by a response headers as the corresponding GET request; in which case it can return
logged-in user) will be cached. This is a simple and effective way of disabling a cached GET response for HEAD request.
caching for any user-specific pages (including Django's admin interface). Note
that if you use :setting:`CACHE_MIDDLEWARE_ANONYMOUS_ONLY`, you should make
sure you've activated ``AuthenticationMiddleware``. The cache middleware
expects that a HEAD request is answered with the same response headers as
the corresponding GET request; in which case it can return a cached GET
response for HEAD request.
Additionally, the cache middleware automatically sets a few headers in each Additionally, the cache middleware automatically sets a few headers in each
:class:`~django.http.HttpResponse`: :class:`~django.http.HttpResponse`:

8
tests/cache/tests.py vendored
View File

@ -28,8 +28,8 @@ from django.middleware.cache import (FetchFromCacheMiddleware,
from django.template import Template from django.template import Template
from django.template.response import TemplateResponse from django.template.response import TemplateResponse
from django.test import TestCase, TransactionTestCase, RequestFactory from django.test import TestCase, TransactionTestCase, RequestFactory
from django.test.utils import override_settings, six from django.test.utils import override_settings, IgnorePendingDeprecationWarningsMixin
from django.utils import timezone, translation, unittest from django.utils import six, timezone, translation, unittest
from django.utils.cache import (patch_vary_headers, get_cache_key, from django.utils.cache import (patch_vary_headers, get_cache_key,
learn_cache_key, patch_cache_control, patch_response_headers) learn_cache_key, patch_cache_control, patch_response_headers)
from django.utils.encoding import force_text from django.utils.encoding import force_text
@ -1592,9 +1592,10 @@ def hello_world_view(request, value):
}, },
}, },
) )
class CacheMiddlewareTest(TestCase): class CacheMiddlewareTest(IgnorePendingDeprecationWarningsMixin, TestCase):
def setUp(self): def setUp(self):
super(CacheMiddlewareTest, self).setUp()
self.factory = RequestFactory() self.factory = RequestFactory()
self.default_cache = get_cache('default') self.default_cache = get_cache('default')
self.other_cache = get_cache('other') self.other_cache = get_cache('other')
@ -1602,6 +1603,7 @@ class CacheMiddlewareTest(TestCase):
def tearDown(self): def tearDown(self):
self.default_cache.clear() self.default_cache.clear()
self.other_cache.clear() self.other_cache.clear()
super(CacheMiddlewareTest, self).tearDown()
def test_constructor(self): def test_constructor(self):
""" """