Opened 11 years ago

Closed 11 years ago

Last modified 8 years ago

#7317 closed (fixed)

XViewMiddleware should not be enabled by default.

Reported by: anonymous Owned by: Jacob
Component: Documentation Version: master
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: yes
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


The XViewMiddleware is enabled by default and it is causing problems and confusion, see #7299 and , quoting from there: "I don't really know what XView does, so it is last. It isn't that important.".

That's because

  • it is enabled by default AND
  • its purpose is too vaguely defined: Sends custom X-View HTTP headers to HEAD requests that come from IP addresses defined in the INTERNAL_IPS setting. This is used by Django’s automatic documentation system.

The middleware can be safely disabled and should be documented as such. Although I have looked at the source, I fail to see it's purpose for the general public. The only "automatic documenatation" system I have encountered is the context from exception backtraces. *If* it is used there, this should be stated -- "The automatic documentation system is mainly useful to see exception backtrace context in debug mode. You can disable it in production mode."

Please correct me if I'm wrong.

Change History (7)

comment:1 Changed 11 years ago by anonymous

Component: ToolsDocumentation

comment:2 Changed 11 years ago by mrts

Needs documentation: set
Triage Stage: UnreviewedDesign decision needed

Indeed, looks like the XViewMiddleware is not used anywhere internally, perhaps it should not be enabled by default?

$ grep -r XViewMiddleware django/ | egrep -v '(\.svn|\.pyc)'
django/middleware/ XViewMiddleware(object):
django/conf/    'django.middleware.doc.XViewMiddleware',
django/conf/project_template/    'django.middleware.doc.XViewMiddleware',
$ grep -r 'X-View' django/ | egrep -v '(\.svn|\.pyc)'
django/middleware/    Adds an X-View header to internal HEAD requests -- used by the documentation system.
django/middleware/            response['X-View'] = "%s.%s" % (view_func.__module__, view_func.__name__)

comment:3 Changed 11 years ago by mrts

James explains the purpose of XViewMiddleware quite well . Perhaps some of it could be borrowed for documentation.

As nfa has a separate documentation app not enabled by default, XViewMiddleware should also be disabled by default and enabled only if the former is enabled.

comment:4 Changed 11 years ago by mrts

milestone: 1.0 maybe

Targeting to 1.0-maybe.

comment:5 Changed 11 years ago by Jacob

milestone: 1.0 maybe1.0
Owner: changed from nobody to Jacob
Status: newassigned
Summary: XViewMiddleware should be documented betterXViewMiddleware should not be enabled by default.
Triage Stage: Design decision neededAccepted

(changed description -- the docs are fine, but it shouldn't be on by default)

comment:6 Changed 11 years ago by Jacob

Resolution: fixed
Status: assignedclosed

Fixed in [8537].

comment:7 Changed 8 years ago by Jacob

milestone: 1.0

Milestone 1.0 deleted

Note: See TracTickets for help on using tickets.
Back to Top