Django-1.2.1/django/middleware/http.py

   1 from django.core.exceptions import MiddlewareNotUsed
   2 from django.utils.http import http_date
   3
   4 class ConditionalGetMiddleware(object):
   5     """
   6     Handles conditional GET operations. If the response has a ETag or
   7     Last-Modified header, and the request has If-None-Match or
   8     If-Modified-Since, the response is replaced by an HttpNotModified.
   9
  10     Also sets the Date and Content-Length response-headers.
  11     """
  12     def process_response(self, request, response):
  13         response['Date'] = http_date()
  14         if not response.has_header('Content-Length'):
  15             response['Content-Length'] = str(len(response.content))
  16
  17         if response.has_header('ETag'):
  18             if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None)
  19             if if_none_match == response['ETag']:
  20                 # Setting the status is enough here. The response handling path
  21                 # automatically removes content for this status code (in
  22                 # http.conditional_content_removal()).
  23                 response.status_code = 304
  24
  25         if response.has_header('Last-Modified'):
  26             if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None)
  27             if if_modified_since == response['Last-Modified']:
  28                 # Setting the status code is enough here (same reasons as
  29                 # above).
  30                 response.status_code = 304
  31
  32         return response
  33
  34 class SetRemoteAddrFromForwardedFor(object):
  35     """
  36     This middleware has been removed; see the Django 1.1 release notes for
  37     details.
  38
  39     It previously set REMOTE_ADDR based on HTTP_X_FORWARDED_FOR. However, after
  40     investiagtion, it turns out this is impossible to do in a general manner:
  41     different proxies treat the X-Forwarded-For header differently. Thus, a
  42     built-in middleware can lead to application-level security problems, and so
  43     this was removed in Django 1.1
  44
  45     """
  46     def __init__(self):
  47         import warnings
  48         warnings.warn("SetRemoteAddrFromForwardedFor has been removed. "
  49                       "See the Django 1.1 release notes for details.",
  50                       category=DeprecationWarning)
  51         raise MiddlewareNotUsed()