Opened 16 years ago

Closed 16 years ago

Last modified 13 years ago

#7317 closed (fixed)

XViewMiddleware should not be enabled by default.

Reported by: anonymous Owned by: Jacob
Component: Documentation Version: dev
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: yes
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

The XViewMiddleware is enabled by default and it is causing problems and confusion, see #7299 and http://toofishes.net/blog/django-middleware-order/ , quoting from there: "I don't really know what XView does, so it is last. It isn't that important.".

That's because

  • it is enabled by default AND
  • its purpose is too vaguely defined: Sends custom X-View HTTP headers to HEAD requests that come from IP addresses defined in the INTERNAL_IPS setting. This is used by Django’s automatic documentation system.

The middleware can be safely disabled and should be documented as such. Although I have looked at the source, I fail to see it's purpose for the general public. The only "automatic documenatation" system I have encountered is the context from exception backtraces. *If* it is used there, this should be stated -- "The automatic documentation system is mainly useful to see exception backtrace context in debug mode. You can disable it in production mode."

Please correct me if I'm wrong.

Change History (7)

comment:1 by anonymous, 16 years ago

Component: ToolsDocumentation

comment:2 by mrts, 16 years ago

Needs documentation: set
Triage Stage: UnreviewedDesign decision needed

Indeed, looks like the XViewMiddleware is not used anywhere internally, perhaps it should not be enabled by default?

$ grep -r XViewMiddleware django/ | egrep -v '(\.svn|\.pyc)'
django/middleware/doc.py:class XViewMiddleware(object):
django/conf/global_settings.py:    'django.middleware.doc.XViewMiddleware',
django/conf/project_template/settings.py:    'django.middleware.doc.XViewMiddleware',

$ grep -r 'X-View' django/ | egrep -v '(\.svn|\.pyc)'
django/middleware/doc.py:    Adds an X-View header to internal HEAD requests -- used by the documentation system.
django/middleware/doc.py:            response['X-View'] = "%s.%s" % (view_func.__module__, view_func.__name__)

comment:3 by mrts, 16 years ago

James explains the purpose of XViewMiddleware quite well http://www.b-list.org/weblog/2007/nov/07/bookmarklets/ . Perhaps some of it could be borrowed for documentation.

As nfa has a separate documentation app not enabled by default, XViewMiddleware should also be disabled by default and enabled only if the former is enabled.

comment:4 by mrts, 16 years ago

milestone: 1.0 maybe

Targeting to 1.0-maybe.

comment:5 by Jacob, 16 years ago

milestone: 1.0 maybe1.0
Owner: changed from nobody to Jacob
Status: newassigned
Summary: XViewMiddleware should be documented betterXViewMiddleware should not be enabled by default.
Triage Stage: Design decision neededAccepted

(changed description -- the docs are fine, but it shouldn't be on by default)

comment:6 by Jacob, 16 years ago

Resolution: fixed
Status: assignedclosed

Fixed in [8537].

comment:7 by Jacob, 13 years ago

milestone: 1.0

Milestone 1.0 deleted

Note: See TracTickets for help on using tickets.
Back to Top