1 from django
.core
.exceptions
import MiddlewareNotUsed
2 from django
.utils
.http
import http_date
4 class ConditionalGetMiddleware(object):
6 Handles conditional GET operations. If the response has a ETag or
7 Last-Modified header, and the request has If-None-Match or
8 If-Modified-Since, the response is replaced by an HttpNotModified.
10 Also sets the Date and Content-Length response-headers.
12 def process_response(self
, request
, response
):
13 response
['Date'] = http_date()
14 if not response
.has_header('Content-Length'):
15 response
['Content-Length'] = str(len(response
.content
))
17 if response
.has_header('ETag'):
18 if_none_match
= request
.META
.get('HTTP_IF_NONE_MATCH', None)
19 if if_none_match
== response
['ETag']:
20 # Setting the status is enough here. The response handling path
21 # automatically removes content for this status code (in
22 # http.conditional_content_removal()).
23 response
.status_code
= 304
25 if response
.has_header('Last-Modified'):
26 if_modified_since
= request
.META
.get('HTTP_IF_MODIFIED_SINCE', None)
27 if if_modified_since
== response
['Last-Modified']:
28 # Setting the status code is enough here (same reasons as
30 response
.status_code
= 304
34 class SetRemoteAddrFromForwardedFor(object):
36 This middleware has been removed; see the Django 1.1 release notes for
39 It previously set REMOTE_ADDR based on HTTP_X_FORWARDED_FOR. However, after
40 investiagtion, it turns out this is impossible to do in a general manner:
41 different proxies treat the X-Forwarded-For header differently. Thus, a
42 built-in middleware can lead to application-level security problems, and so
43 this was removed in Django 1.1
48 warnings
.warn("SetRemoteAddrFromForwardedFor has been removed. "
49 "See the Django 1.1 release notes for details.",
50 category
=DeprecationWarning)
51 raise MiddlewareNotUsed()