Code

Ticket #5898: http_requirements.diff

File http_requirements.diff, 4.2 KB (added by arien <regexbot@…>, 7 years ago)

Try to ensure responses meet basic HTTP requirements.

Line 
1Index: django/core/handlers/base.py
2===================================================================
3--- django/core/handlers/base.py        (revision 6658)
4+++ django/core/handlers/base.py        (working copy)
5@@ -50,10 +50,6 @@
6 
7     def get_response(self, request):
8         "Returns an HttpResponse object for the given HttpRequest"
9-        response = self._real_get_response(request)
10-        return fix_location_header(request, response)
11-
12-    def _real_get_response(self, request):
13         from django.core import exceptions, urlresolvers
14         from django.core.mail import mail_admins
15         from django.conf import settings
16@@ -129,6 +125,13 @@
17                 callback, param_dict = resolver.resolve500()
18                 return callback(request, **param_dict)
19 
20+    def fix_up_response(self, request, response):
21+        "Fix up a response to try and meet basic HTTP requirements."
22+        fixes = (fix_location_header, remove_unallowed_response_content)
23+        for fix in fixes:
24+            response = fix(request, response)
25+        return response
26+
27     def _get_traceback(self, exc_info=None):
28         "Helper function to return the traceback as a string"
29         import traceback
30@@ -146,3 +149,15 @@
31         response['Location'] = request.build_absolute_uri(response['Location'])
32     return response
33 
34+def remove_unallowed_response_content(request, response):
35+    """
36+    Removes the content of responses to HEAD requests, and of responses with
37+    status codes 1xx (Informational), 204 (No Content), and 304 (Not Modified)
38+    that must not have content.  This is required by RFC 2616, section 4.3.
39+    """
40+    if 100 <= response.status_code < 200 or response.status_code in (204, 304):
41+        response.content = ''
42+        response['Content-Length'] = 0
43+    if request.method == 'HEAD':
44+        response.content = ''
45+    return response
46Index: django/core/handlers/modpython.py
47===================================================================
48--- django/core/handlers/modpython.py   (revision 6658)
49+++ django/core/handlers/modpython.py   (working copy)
50@@ -162,6 +162,7 @@
51                 # Apply response middleware
52                 for middleware_method in self._response_middleware:
53                     response = middleware_method(request, response)
54+                response = self.fix_up_response(request, response)
55         finally:
56             dispatcher.send(signal=signals.request_finished)
57 
58Index: django/core/handlers/wsgi.py
59===================================================================
60--- django/core/handlers/wsgi.py        (revision 6658)
61+++ django/core/handlers/wsgi.py        (working copy)
62@@ -207,6 +207,7 @@
63                 # Apply response middleware
64                 for middleware_method in self._response_middleware:
65                     response = middleware_method(request, response)
66+                response = self.fix_up_response(request, response)
67         finally:
68             dispatcher.send(signal=signals.request_finished)
69 
70Index: django/middleware/http.py
71===================================================================
72--- django/middleware/http.py   (revision 6658)
73+++ django/middleware/http.py   (working copy)
74@@ -6,8 +6,6 @@
75     Last-Modified header, and the request has If-None-Match or
76     If-Modified-Since, the response is replaced by an HttpNotModified.
77 
78-    Removes the content from any response to a HEAD request.
79-
80     Also sets the Date and Content-Length response-headers.
81     """
82     def process_response(self, request, response):
83@@ -19,19 +17,12 @@
84             if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None)
85             if if_none_match == response['ETag']:
86                 response.status_code = 304
87-                response.content = ''
88-                response['Content-Length'] = '0'
89 
90         if response.has_header('Last-Modified'):
91             if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None)
92             if if_modified_since == response['Last-Modified']:
93                 response.status_code = 304
94-                response.content = ''
95-                response['Content-Length'] = '0'
96 
97-        if request.method == 'HEAD':
98-            response.content = ''
99-
100         return response
101 
102 class SetRemoteAddrFromForwardedFor(object):