Version 19 (modified by dougvanhorn at the gmail dot com, 10 years ago) (diff)

I wanted to add the valuable comments from the group thread (now referenced)

Contributed middleware

See the middleware documentation on how to enable and write your own middleware. This page collects middleware written by people in the community.

XHTMLAsHTMLMiddleware by Sune Kirkeby

Sends application/xhtml+xml header to browsers that understand it.

TemplateDirsHacker by Sune Kirkeby

Munges settings.TEMPLATE_DIRS for each request. Useful if you want the admin-pages on the same virtual-host as your main site, and you have template-names which clash with the admin-templates. (This is no longer needed, since the admin-templates now live in a namespace of their own).

CsrfMiddleware by Luke Plant

Plug-in protection against Cross Site Request Forgery attacks. Note: CsrfMiddleware was added to trunk in [2868] (see #510) and now has official documentation.

ClosedSiteMiddleware by rezzrovv

Closes a site to only authenticated users.

BlockingMiddleware by Joe Heck

Another take on blocking a site, developed to display a splash page and only provide access to those with a passcode, registered users or not (specifically for a beta - where we wanted to enable authenticated users)

Advanced Locale from URL middleware by Jonathan Schemoul

Replace the standard locale middleware with this one (or just use the two at the same time) to be able to set the language from the url. For example /fr/article/... shows you the article in French, and /en/article/... shows it in English. This version of the Locale from URL Middleware also sets a cookie and a request var whenever you go to a webpage that has a language set in it's url, so that it serves you the correct version when you go to a page that doesn't have any language code in it's url.

URL Middleware by Stefano J. Attardi

Cleans up urls by adding/removing trailing slashes, adding/removing the www. prefix, and allowing the language to be set from the url. If APPEND_SLASH is set to False, trailing slashes are removed from the urls, except for urls which have an explicit trailing slash in If REMOVE_WWW is set to True, the www. prefix is removed. Finally, ?lang=xx can be appended to any url to override the default language setting. This override is remembered for the following requests. For example, /article?lang=it would show the article in Italian regardless of brower settings or cookies, and any following request to the site would be shown in Italian by default.

Strip Whitespace Middleware by Doug Van Horn

Removes extra whitespace from response content. It's kind of nice for removing extra line breaks, but it also removes leading spaces. Probably not too important for most of us, but for the bandwidth conscious it might be helpful. If you would like to keep your indentions intact, then use '\s*\n+' as the regular expression string instead of '\s*\n+\s*'.


Unfortunately, if you are returning any kind of binary, they get stripped too. So, to account for that scenario Nebojša Đorđević suggested the following:

if 'text/html' not in response.headers.get('Content-Type', '').lower(): return response

Placed at the beginning of process_response, this will shortcut the middleware for anything not HTML.

Other problems may occur when using this Middleware, such as stripping off meaningful whitespace from Javascript and meaningful whitespace from pre-tags (courtesy of Ian Holsman). So, this middleware should be considered experimental at best.

Unfortunately, I can't seem to edit or remove the attached file, otherwise I might've just done that and slinked away in shame. :-)

Attachments (5)

Download all attachments as: .zip

Back to Top