diff options
Diffstat (limited to 'django')
| -rw-r--r-- | django/middleware/cache.py | 22 | ||||
| -rw-r--r-- | django/utils/cache.py | 10 |
2 files changed, 23 insertions, 9 deletions
diff --git a/django/middleware/cache.py b/django/middleware/cache.py index 3f602fe652..32d15b4095 100644 --- a/django/middleware/cache.py +++ b/django/middleware/cache.py @@ -50,7 +50,8 @@ More details about how the caching works: from django.conf import settings from django.core.cache import cache -from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age +from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers, get_max_age, has_vary_header + class UpdateCacheMiddleware(object): """ @@ -66,9 +67,19 @@ class UpdateCacheMiddleware(object): self.key_prefix = settings.CACHE_MIDDLEWARE_KEY_PREFIX self.cache_anonymous_only = getattr(settings, 'CACHE_MIDDLEWARE_ANONYMOUS_ONLY', False) + def _should_update_cache(self, request, response): + if not hasattr(request, '_cache_update_cache') or not request._cache_update_cache: + return False + if self.cache_anonymous_only and has_vary_header(response, 'Cookie'): + assert hasattr(request, 'user'), "The Django cache middleware with CACHE_MIDDLEWARE_ANONYMOUS_ONLY=True requires authentication middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the CacheMiddleware." + if request.user.is_authenticated(): + # Don't cache user-variable requests from authenticated users. + return False + return True + def process_response(self, request, response): """Sets the cache, if needed.""" - if not hasattr(request, '_cache_update_cache') or not request._cache_update_cache: + if not self._should_update_cache(request, response): # We don't need to update the cache, just return. return response if request.method != 'GET': @@ -112,17 +123,10 @@ class FetchFromCacheMiddleware(object): Checks whether the page is already cached and returns the cached version if available. """ - if self.cache_anonymous_only: - assert hasattr(request, 'user'), "The Django cache middleware with CACHE_MIDDLEWARE_ANONYMOUS_ONLY=True requires authentication middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the CacheMiddleware." - if not request.method in ('GET', 'HEAD') or request.GET: request._cache_update_cache = False return None # Don't bother checking the cache. - if self.cache_anonymous_only and request.user.is_authenticated(): - request._cache_update_cache = False - return None # Don't cache requests from authenticated users. - cache_key = get_cache_key(request, self.key_prefix) if cache_key is None: request._cache_update_cache = True diff --git a/django/utils/cache.py b/django/utils/cache.py index 6cfd893668..58d087b079 100644 --- a/django/utils/cache.py +++ b/django/utils/cache.py @@ -134,6 +134,16 @@ def patch_vary_headers(response, newheaders): if newheader.lower() not in existing_headers] response['Vary'] = ', '.join(vary_headers + additional_headers) +def has_vary_header(response, header_query): + """ + Checks to see if the response has a given header name in its Vary header. + """ + if not response.has_header('Vary'): + return False + vary_headers = cc_delim_re.split(response['Vary']) + existing_headers = set([header.lower() for header in vary_headers]) + return header_query.lower() in existing_headers + def _i18n_cache_key_suffix(request, cache_key): """If enabled, returns the cache key ending with a locale.""" if settings.USE_I18N: |
