| from django.core.exceptions import MiddlewareNotUsed |
| from django.utils.http import http_date |
| |
| class ConditionalGetMiddleware(object): |
| """ |
| Handles conditional GET operations. If the response has a ETag or |
| Last-Modified header, and the request has If-None-Match or |
| If-Modified-Since, the response is replaced by an HttpNotModified. |
| |
| Also sets the Date and Content-Length response-headers. |
| """ |
| def process_response(self, request, response): |
| response['Date'] = http_date() |
| if not response.has_header('Content-Length'): |
| response['Content-Length'] = str(len(response.content)) |
| |
| if response.has_header('ETag'): |
| if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None) |
| if if_none_match == response['ETag']: |
| # Setting the status is enough here. The response handling path |
| # automatically removes content for this status code (in |
| # http.conditional_content_removal()). |
| response.status_code = 304 |
| |
| if response.has_header('Last-Modified'): |
| if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None) |
| if if_modified_since == response['Last-Modified']: |
| # Setting the status code is enough here (same reasons as |
| # above). |
| response.status_code = 304 |
| |
| return response |
| |
| class SetRemoteAddrFromForwardedFor(object): |
| """ |
| This middleware has been removed; see the Django 1.1 release notes for |
| details. |
| |
| It previously set REMOTE_ADDR based on HTTP_X_FORWARDED_FOR. However, after |
| investiagtion, it turns out this is impossible to do in a general manner: |
| different proxies treat the X-Forwarded-For header differently. Thus, a |
| built-in middleware can lead to application-level security problems, and so |
| this was removed in Django 1.1 |
| |
| """ |
| def __init__(self): |
| import warnings |
| warnings.warn("SetRemoteAddrFromForwardedFor has been removed. " |
| "See the Django 1.1 release notes for details.", |
| category=DeprecationWarning) |
| raise MiddlewareNotUsed() |
