Code

Ticket #9163: 9163_r9077.diff

File 9163_r9077.diff, 1.5 KB (added by carljm, 6 years ago)

remove previous ETags, documentation update

Line 
1Index: django/contrib/csrf/middleware.py
2===================================================================
3--- django/contrib/csrf/middleware.py   (revision 9077)
4+++ django/contrib/csrf/middleware.py   (working copy)
5@@ -90,5 +90,11 @@
6                 "' /></div>")
7 
8             # Modify any POST forms
9-            response.content = _POST_FORM_RE.sub(add_csrf_field, response.content)
10+            (response.content, modified) = _POST_FORM_RE.subn(
11+                add_csrf_field, response.content)
12+           
13+            # if we modified the content, remove any ETag set previously
14+            if modified:
15+                del response['ETag']
16+               
17         return response
18Index: docs/ref/contrib/csrf.txt
19===================================================================
20--- docs/ref/contrib/csrf.txt   (revision 9077)
21+++ docs/ref/contrib/csrf.txt   (working copy)
22@@ -25,8 +25,9 @@
23 Add the middleware ``'django.contrib.csrf.middleware.CsrfMiddleware'`` to
24 your list of middleware classes, :setting:`MIDDLEWARE_CLASSES`. It needs to process
25 the response after the SessionMiddleware, so must come before it in the
26-list. It also must process the response before things like compression
27-happen to the response, so it must come after GZipMiddleware in the list.
28+list. It also must process the response before things like compression or
29+setting of ETags happen to the response, so it must come after GZipMiddleware,
30+CommonMiddleware, and ConditionalGetMiddleware in the list.
31 
32 How it works
33 ============