Ticket #5898: remove_unallowed_content.diff

File remove_unallowed_content.diff, 2.1 KB (added by arien <regexbot@…>, 8 years ago)

RemoveUnallowedResponseContent as a response middleware that would automagically alway be run after all other reponse middleware.

  • django/middleware/http.py

     
    66    Last-Modified header, and the request has If-None-Match or
    77    If-Modified-Since, the response is replaced by an HttpNotModified.
    88
    9     Removes the content from any response to a HEAD request.
    10 
    119    Also sets the Date and Content-Length response-headers.
    1210    """
    1311    def process_response(self, request, response):
     
    1917            if_none_match = request.META.get('HTTP_IF_NONE_MATCH', None)
    2018            if if_none_match == response['ETag']:
    2119                response.status_code = 304
    22                 response.content = ''
    23                 response['Content-Length'] = '0'
    2420
    2521        if response.has_header('Last-Modified'):
    2622            if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE', None)
    2723            if if_modified_since == response['Last-Modified']:
    2824                response.status_code = 304
    29                 response.content = ''
    30                 response['Content-Length'] = '0'
    3125
    32         if request.method == 'HEAD':
    33             response.content = ''
    34 
    3526        return response
    3627
    3728class SetRemoteAddrFromForwardedFor(object):
     
    5748            # client's IP will be the first one.
    5849            real_ip = real_ip.split(",")[0].strip()
    5950            request.META['REMOTE_ADDR'] = real_ip
     51
     52class RemoveUnallowedResponseContent(object):
     53    """
     54    Middleware that removes the content of responses to HEAD requests, and
     55    of responses with the status codes 1xx (Informational), 204 (No Content),
     56    and 304 (Not Modified) that must not have content.  In this last case, the
     57    Content-Length header is set to zero.  This is required by RFC 2616,
     58    sections 4.3 and 4.13.
     59    """
     60    def process_response(self, request, response):
     61        if 100 <= response.status_code < 200 or response.status_code in (204, 304):
     62            response.content = ''
     63            response['Content-Length'] = 0
     64        if request.method == 'HEAD':
     65            response.content = ''
     66        return response
Back to Top