Django

Code

Ticket #4994 (closed: fixed)

Opened 1 year ago

Last modified 1 year ago

Cookies are not sent back for HTTP Not Modified (304) from CommonMiddleware

Reported by: colin@owlfish.com Assigned to: mtredinnick
Milestone: Component: HTTP handling
Version: SVN Keywords: etags
Cc: Triage Stage: Ready for checkin
Has patch: 1 Needs documentation: 0
Needs tests: 0 Patch needs improvement: 0

Description

The CommonMiddleware? functionality generates a new HTTP Response object (304) when the E-Tag matches. This new response does not include the Set-Cookie header, which then breaks the login page from django.contrib.auth.views.login.

This also violates the Cookie specification (see http://wp.netscape.com/newsref/std/cookie_spec.html): If a proxy server receives a response which contains a Set-cookie header, it should propagate the Set-cookie header to the client, regardless of whether the response was 304 (Not Modified) or 200 (OK).

The attached patch solves this by moving any set cookies over into the new response object.

Attachments

common-middleware-fix.patch (0.6 kB) - added by colin@owlfish.com on 07/27/07 15:08:26.
Patch for 304 and Cookies

Change History

07/27/07 15:08:26 changed by colin@owlfish.com

  • attachment common-middleware-fix.patch added.

Patch for 304 and Cookies

08/12/07 05:21:27 changed by Simon G. <dev@simon.net.nz>

  • needs_better_patch changed.
  • stage changed from Unreviewed to Ready for checkin.
  • needs_tests changed.
  • needs_docs changed.

08/12/07 08:10:46 changed by mtredinnick

  • status changed from new to closed.
  • resolution set to fixed.

(In [5878]) Fixed #4994 -- Send back set-cookie headers in "not modified" responses. Well spotted, colin@owlfish.com.

Add/Change #4994 (Cookies are not sent back for HTTP Not Modified (304) from CommonMiddleware)




Change Properties
Action