Ticket #9163: 9163_r9077.diff

File 9163_r9077.diff, 1.5 KB (added by carljm, 7 years ago)

remove previous ETags, documentation update

  • django/contrib/csrf/middleware.py

     
    9090                "' /></div>")
    9191
    9292            # Modify any POST forms
    93             response.content = _POST_FORM_RE.sub(add_csrf_field, response.content)
     93            (response.content, modified) = _POST_FORM_RE.subn(
     94                add_csrf_field, response.content)
     95           
     96            # if we modified the content, remove any ETag set previously
     97            if modified:
     98                del response['ETag']
     99               
    94100        return response
  • docs/ref/contrib/csrf.txt

     
    2525Add the middleware ``'django.contrib.csrf.middleware.CsrfMiddleware'`` to
    2626your list of middleware classes, :setting:`MIDDLEWARE_CLASSES`. It needs to process
    2727the response after the SessionMiddleware, so must come before it in the
    28 list. It also must process the response before things like compression
    29 happen to the response, so it must come after GZipMiddleware in the list.
     28list. It also must process the response before things like compression or
     29setting of ETags happen to the response, so it must come after GZipMiddleware,
     30CommonMiddleware, and ConditionalGetMiddleware in the list.
    3031
    3132How it works
    3233============
Back to Top