summaryrefslogtreecommitdiff
path: root/django
diff options
context:
space:
mode:
authorCarl Meyer <carl@oddbird.net>2011-02-17 05:01:42 +0000
committerCarl Meyer <carl@oddbird.net>2011-02-17 05:01:42 +0000
commitaae16079efbb03da3dc0b66c3e62ce022d293e63 (patch)
tree5831bdf5a81d9a0e49819ed6959109752222c8fb /django
parent9ec9d2efd134cd2fe64c33cf44af00780841edeb (diff)
[1.2.X] Fixed #15260 -- Ensured that CACHE_MIDDLEWARE_ANONYMOUS_ONLY is effective with the cache_page decorator, not only the middleware. Thanks to brodie for report and draft patch.
Backport of r15559 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@15560 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django')
-rw-r--r--django/middleware/cache.py13
1 files changed, 11 insertions, 2 deletions
diff --git a/django/middleware/cache.py b/django/middleware/cache.py
index 32d15b4095..f70e767944 100644
--- a/django/middleware/cache.py
+++ b/django/middleware/cache.py
@@ -50,7 +50,7 @@ More details about how the caching works:
from django.conf import settings
from django.core.cache import cache
-from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age, has_vary_header
+from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age
class UpdateCacheMiddleware(object):
@@ -67,10 +67,19 @@ class UpdateCacheMiddleware(object):
self.key_prefix = settings.CACHE_MIDDLEWARE_KEY_PREFIX
self.cache_anonymous_only = getattr(settings, 'CACHE_MIDDLEWARE_ANONYMOUS_ONLY', False)
+ def _session_accessed(self, request):
+ try:
+ return request.session.accessed
+ except AttributeError:
+ return False
+
def _should_update_cache(self, request, response):
if not hasattr(request, '_cache_update_cache') or not request._cache_update_cache:
return False
- if self.cache_anonymous_only and has_vary_header(response, 'Cookie'):
+ # If the session has not been accessed otherwise, we don't want to
+ # cause it to be accessed here. If it hasn't been accessed, then the
+ # user's logged-in status has not affected the response anyway.
+ if self.cache_anonymous_only and self._session_accessed(request):
assert hasattr(request, 'user'), "The Django cache middleware with CACHE_MIDDLEWARE_ANONYMOUS_ONLY=True requires authentication middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the CacheMiddleware."
if request.user.is_authenticated():
# Don't cache user-variable requests from authenticated users.