1 from django
.utils
.http
import http_date
3 class ConditionalGetMiddleware(object):
5 Handles conditional GET operations. If the response has a ETag or
6 Last-Modified header, and the request has If-None-Match or
7 If-Modified-Since, the response is replaced by an HttpNotModified.
9 Also sets the Date and Content-Length response-headers.
11 def process_response(self
, request
, response
):
12 response
['Date'] = http_date()
13 if not response
.has_header('Content-Length'):
14 response
['Content-Length'] = str(len(response
.content
))
16 if response
.has_header('ETag'):
17 if_none_match
= request
.META
.get('HTTP_IF_NONE_MATCH', None)
18 if if_none_match
== response
['ETag']:
19 # Setting the status is enough here. The response handling path
20 # automatically removes content for this status code (in
21 # http.conditional_content_removal()).
24 if response
.has_header('Last-Modified'):
25 if_modified_since
= request
.META
.get('HTTP_IF_MODIFIED_SINCE', None)
26 if if_modified_since
== response
['Last-Modified']:
27 # Setting the status code is enough here (same reasons as
33 class SetRemoteAddrFromForwardedFor(object):
35 Middleware that sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, if the
36 latter is set. This is useful if you're sitting behind a reverse proxy that
37 causes each request's REMOTE_ADDR to be set to 127.0.0.1.
39 Note that this does NOT validate HTTP_X_FORWARDED_FOR. If you're not behind
40 a reverse proxy that sets HTTP_X_FORWARDED_FOR automatically, do not use
41 this middleware. Anybody can spoof the value of HTTP_X_FORWARDED_FOR, and
42 because this sets REMOTE_ADDR based on HTTP_X_FORWARDED_FOR, that means
43 anybody can "fake" their IP address. Only use this when you can absolutely
44 trust the value of HTTP_X_FORWARDED_FOR.
46 def process_request(self
, request
):
48 real_ip
= request
.META
['HTTP_X_FORWARDED_FOR']
52 # HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs. The
53 # client's IP will be the first one.
54 real_ip
= real_ip
.split(",")[0].strip()
55 request
.META
['REMOTE_ADDR'] = real_ip