Code


Version 34 (modified by anonymous, 7 years ago) (diff)

--

Contributed middleware

See the middleware documentation on how to enable and write your own middleware. This page collects middleware written by people in the community.

Advanced Locale from URL middleware by Jonathan Schemoul

Replace the standard locale middleware with this one (or just use the two at the same time) to be able to set the language from the url. For example /fr/article/... shows you the article in French, and /en/article/... shows it in English. This version of the Locale from URL Middleware also sets a cookie and a request var whenever you go to a webpage that has a language set in it's url, so that it serves you the correct version when you go to a page that doesn't have any language code in it's url.

"This middleware goes against many principles of good URI design. Document language should be a specified in the HTTP request headers (and optionally as a query string parameter) and served using content negotiation. Embedding language information in a URI is considered bad practice." - Noah Slater

BlockingMiddleware by Joe Heck

Another take on blocking a site, developed to display a splash page and only provide access to those with a passcode, registered users or not (specifically for a beta - where we wanted to enable authenticated users)

ClosedSiteMiddleware by rezzrovv

Closes a site to only authenticated users.

CsrfMiddleware by Luke Plant

Plug-in protection against Cross Site Request Forgery attacks. Note: CsrfMiddleware was added to trunk in [2868] (see #510) and now has official documentation.

Page Stats Middleware by David Avraamides

Display performance metrics measured during the generation of a page. Allows you to display total time, python time, database time, and number of queries for the rendered page.

StripWhitespaceMiddleware by Doug Van Horn

Removes extra whitespace from response content. It's kind of nice for removing extra line breaks, but it also removes leading spaces. Probably not too important for most of us, but for the bandwidth conscious it might be helpful. If you would like to keep your indentions intact, then use '\s*\n+' as the regular expression string instead of '\s*\n+\s*'.

Thread

Unfortunately, if you are returning any kind of binary, they get stripped too. So, to account for that scenario Nebojša Đorđević suggested the following:

if 'text/html' not in response.headers.get('Content-Type', '').lower(): return response

Placed at the beginning of process_response, this will shortcut the middleware for anything not HTML.

Other problems may occur when using this Middleware, such as stripping off meaningful whitespace from Javascript and meaningful whitespace from pre-tags (courtesy of Ian Holsman). So, this middleware should be considered experimental at best.

Unfortunately, I can't seem to edit or remove the attached file, otherwise I might've just done that and slinked away in shame. :-)

TemplateDirsHacker by Sune Kirkeby

Munges settings.TEMPLATE_DIRS for each request. Useful if you want the admin-pages on the same virtual-host as your main site, and you have template-names which clash with the admin-templates. (This is no longer needed, since the admin-templates now live in a namespace of their own).

URL Middleware by Stefano J. Attardi

Cleans up urls by adding/removing trailing slashes, adding/removing the www. prefix, and allowing the language to be set from the url.

If APPEND_SLASH is set to False, trailing slashes are removed from the urls, except for urls which have an explicit trailing slash in urls.py, in which case a trailing slash is added.

If REMOVE_WWW is set to True, the www. prefix is removed.

Finally, ?lang=xx can be appended to any url to override the default language setting. This override is remembered for the following requests. For example, /article?lang=it would show the article in Italian regardless of brower settings or cookies, and any following request to the site would be shown in Italian by default.

Require Login Middleware by Jared Kuolt

(url broken for this middleware ?)

Require Login middleware. If enabled, each Django-powered page will require authentication. If an anonymous user requests a page, he/she is redirected to the login page set by REQUIRE_LOGIN_PATH or /accounts/login/ by default.

SSL Middleware by Antonio Cavedoni

Introduces a new setting, HTTPS_PATHS, which is a tuple of paths that should be treated as HTTPS-only. The middleware will redirect HTTP requests for paths starting with these values to their HTTPS counterpart. On the other hand, all HTTPS requests with paths starting with strings not in that tuple will be redirected back to their HTTP counterpart.

SSL Middleware by Stephen Zabel

Addresses the same SSL issue as (and is inspired by) Antonio's SSL Middleware. However, this package is invoked through adding a 'SSL':True to the view_kwargs in a urls.py file. This approach allows you to secure admin and generic views without needing to wrap or modify them, adheres to the DRY principal and allows you to control the security at the application level rather than at project level.

Usage

urlpatterns = patterns('some_site.some_app.views',
    (r'^test/secure/$','test_secure',{'SSL':True}),
     )

XHTMLAsHTMLMiddleware by Sune Kirkeby

Sends application/xhtml+xml header to browsers that understand it.

FixIP by Ian Holsman

sets the IP to be what is in the X-Forwarded-For header (useful for when your are in a reverse proxy situation)

PsycoMiddleware by Eric Florenzano

This middleware enables the psyco extension module which can massively speed up the execution of any Python code. Prior to [3877], there was a setting in settings.py which allowed one to enable psyco, but this was removed in favor of a middleware solution instead.

Dual Session Middleware by Vadim Macagon

Allows you to turn individual browser-length sessions into persistent sessions and vice versa, this can be used to implement opt-in "Remember Me" functionality.

Attachments (5)

Download all attachments as: .zip