Opened 2 months ago

Last modified 4 weeks ago

#29241 new Bug

ConditionalGetMiddleware and x-sendfile

Reported by: TZanke Owned by: nobody
Component: Core (Cache system) Version: 1.11
Severity: Normal Keywords: sendfile
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by Tim Graham)

We found a issue with ConditionalGetMiddleware in combination with apache x-sendfile (django-sendfile) and Django 1.11

In Django 1.10 we just use Last-Modified, which works fine. Now with Django 1.11 each response gets a ETag generated based on response.content. In the case of a x-sendfile response, the response.content is an empty string. So each time the file is accessed, the ETag generated by ConditionalGetMiddleware is the same. Regardless of the changed file/changed mtime.

So now the request has our Last-Modified header AND the Middleware generated ETag.
In get_conditional_response the ETag, which is always the same hash of empty string, is checked first and returns a 304. BUT the Last-Modification has changed and is ignored.

This looks like two bugs for me. First the ETag of the empty content string from x-sendfile respose. Second returning a 304 if ETag is the same but Last-Modified has changed.

Change History (3)

comment:1 Changed 2 months ago by Tim Graham

Description: modified (diff)

If there are two bugs, there should be two tickets. Will you offer some fixes?

comment:2 Changed 2 months ago by Tim Graham

Triage Stage: UnreviewedAccepted

comment:3 Changed 4 weeks ago by Windson yang

I can try to fix it. But it may take one week for me.

Note: See TracTickets for help on using tickets.
Back to Top