summaryrefslogtreecommitdiff
path: root/django/middleware
AgeCommit message (Collapse)Author
2010-03-07Fixed #6228: Changed common middleware to respect request-specific urlconf. ↵Karen Tracey
Thanks trey, skevy, and mikexstudios. git-svn-id: http://code.djangoproject.com/svn/django/trunk@12704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10Removed an 'assert False' I stupidly committed in [12165]Adrian Holovaty
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12166 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10Fixed #6094 -- Middleware exceptions are now caught by the core handler. ↵Adrian Holovaty
Thanks, isagalaev git-svn-id: http://code.djangoproject.com/svn/django/trunk@12165 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Thanks ↵Adrian Holovaty
for patch and tests, isagalaev git-svn-id: http://code.djangoproject.com/svn/django/trunk@12159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-09Fixed #6991 -- Removed some redundant user.is_authenticated() calls in ↵Adrian Holovaty
various places. Thanks, alexkoshelev, Liang Feng and Ivan Sagalaev git-svn-id: http://code.djangoproject.com/svn/django/trunk@12142 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27Misc clarifications in csrf middleware commentsLuke Plant
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27Slight change to CSRF error messages to make debugging easier.Luke Plant
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27Removed unused import.Luke Plant
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11664 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27Moved contrib.csrf.* to core code.Luke Plant
There is stub code for backwards compatiblity with Django 1.1 imports. The documentation has been updated, but has been left in docs/contrib/csrf.txt for now, in order to avoid dead links to documentation on the website. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29BACKWARDS-INCOMPATIBLE CHANGE: Removed SetRemoteAddrFromForwardedFor middleware.Jacob Kaplan-Moss
In a nutshell, it's been demonstrated that this middleware can never be made reliable enough for general-purpose use, and that (despite documentation to the contrary) its inclusion in Django may lead application developers to assume that the value of ``REMOTE_ADDR`` is "safe" or in some way reliable as a source of authentication. So it's gone. See the Django 1.1 release notes for full details, as well as upgrade instructions. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11363 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-12Fixed #10630 -- Be even more conservative in GZipMiddleware for IE.Malcolm Tredinnick
Patch from sebastien_noack. git-svn-id: http://code.djangoproject.com/svn/django/trunk@10541 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-07Fixed #9199 -- We were erroneously only prepending "www" to the domain if weMalcolm Tredinnick
also needed to append a slash (when PREPEND_WWW=True). Based on a patch and tests from gonz. Thanks. git-svn-id: http://code.djangoproject.com/svn/django/trunk@9184 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-30Fixed #9221 -- Small optimisation to caching middleware handling.Malcolm Tredinnick
In the slightly unusual case that CACHE_MIDDLEWARE_SECONDS is set to 0, don't bother storing a copy in the local cache. git-svn-id: http://code.djangoproject.com/svn/django/trunk@9098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27Fixed #7379: fixed a subtle corner case involving URL encoding in ↵Jacob Kaplan-Moss
`CommonMiddleware` git-svn-id: http://code.djangoproject.com/svn/django/trunk@8635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-21Fixed #8381 -- Fixed a problem with appending slashes in the common middlewareMalcolm Tredinnick
when SCRIPT_NAME contains something other than '/'. Patch from jcassee. Also fixed the middleware tests to work with this patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-15Fixed a typo and added a bit more ReST markup to cache middleware docstring.Gary Wilson Jr
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8387 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-09Split CacheMiddleware up into two parts -- an update-cache and a ↵Jacob Kaplan-Moss
fetch-from-cache middleware. This lets you run each half of the cache middleware at the correct time to avoid bad interactions between the cache middleware and other middleware that must modify the cache key (like the locale middleware). CacheMiddleware itself is still around for backwards-compatibility and as a hook point for the cache decorator, but the documentation has been updated to point people towards the two-part caching middleware. Refs #730. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8260 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-09Fixed #8121 -- Don't override the Content-Language HTTP header in the localeMalcolm Tredinnick
middleware if it's already been set. Thanks, jcassee. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8259 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-02Fixed #7919 -- md5 and sha modules are deprecated since Python 2.5, use ↵Gary Wilson Jr
hashlib module when available. Patch from Karen Tracey. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8193 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-30Fixed #7046 -- set the response status code correctly in ↵Malcolm Tredinnick
ConditionalGetMiddleware. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7793 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-16Fixed #7228 -- Fixed our ETag header creation to meet the HTTP spec, by ↵Adrian Holovaty
quoting it. Thanks, skjohn@us.ibm.com git-svn-id: http://code.djangoproject.com/svn/django/trunk@7659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-04Fixed #6480 -- Added application/pdf the list of content types we don't ↵Malcolm Tredinnick
compress when sending to Internet Explorer. Thanks, Bastien Kleineidam. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7080 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-12-02Fixed #3228 -- Added new APPEND_SLASH handling behaviour in the common ↵Malcolm Tredinnick
middleware. Makes customisation a bit easier. Thanks, Mihai Preda and Andy Gayton. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6852 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-29Fixed #5813 -- Taught the CacheMiddleware to respect any max-age HTTP headerMalcolm Tredinnick
when setting the expiry time. Thanks, SmileyChris. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19Made some stylistic changes in `GZipMiddleware` and added some notes about ↵Gary Wilson Jr
IE, refs #5313. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-11Fixed #5898 -- Changed a few response processing paths to make things harder ↵Malcolm Tredinnick
to get wrong and easier to get right. Previous behaviour wasn't buggy, but it was harder to use than necessary. We now have automatic HEAD processing always (previously required ConditionalGetMiddleware), middleware benefits from the Location header rewrite, so they can use relative URLs as well, and responses with response codes 1xx, 204 or 304 will always have their content removed, in accordance with the HTTP spec (so it's much harder to indavertently deliver invalid responses). Based on a patch and diagnosis from regexbot@gmail.com. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6662 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-31Removed unused variable.Gary Wilson Jr
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-31Fixed #5816 -- Fixed a regression from [6333] that generates incorrect ↵Gary Wilson Jr
cookie "expires" dates when using a locale other than English. Introduced `http_date` and `cookie_date` utility functions. Thanks for the report Michael Lemaire. Thanks for the patch Karen Tracey and `SmileyChris`. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20Fixed #5762 -- Quoted the portions that make up the URL when appendingMalcolm Tredinnick
"www." or adding a trailing slash in common middleware. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6553 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20Fixed #5313 -- Only avoid compressing Javascript when the user agent says ↵Malcolm Tredinnick
it's Internet Explorer. Thanks, mgiger@earthbrowser.com. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6538 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-20Fixed #3872, which turns out to not have been a bug in the first place, by ↵Jacob Kaplan-Moss
reverting [6364]. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6397 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-16Fixed #3872 -- Fixed incorrect handling of HTTP_X_FORWARDED_FOR in ↵Adrian Holovaty
SetRemoteAddrFromForwardedFor. Thanks, Simon Willison and gregorth git-svn-id: http://code.djangoproject.com/svn/django/trunk@6364 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-15Added a get_host() method to HttpRequest. There is still an http.get_host() ↵Malcolm Tredinnick
version in place, so this is fully backwards compatible. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6296 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14Added more dict-like methods to HttpResponse as part of the response.headers ↵Jacob Kaplan-Moss
-> response._headers move, and fixed a few direct uses of response.headers in Django itself. Thanks to PhiR for tracking down and slaying these bugs. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6235 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-12Fixed #4994 -- Send back set-cookie headers in "not modified" responses. ↵Malcolm Tredinnick
Well spotted, colin@owlfish.com. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5878 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-12Fixed #4946 -- Added some small improvements to Gzip middleware. Thanks, ↵Malcolm Tredinnick
colin@owlfish.com. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5875 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-16Fixed #4199 -- Changed date formatting in HTTP expires header to be specMalcolm Tredinnick
compliant. Thanks, Chris Bennett. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-13Fixed #4484 -- Fixed APPEND_SLASH handling to handle an empty path value.Malcolm Tredinnick
Thanks, VesselinK. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5688 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-17Changed ETag computation to first check if an ETag header already exists in theMalcolm Tredinnick
response. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5483 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-02Fixed #3206 -- Fixed typo in [5407]. This time with bonus testing. Thanks,Malcolm Tredinnick
Manuel Saelices. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5417 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-01Fixed #3206 -- Changed ETag comparison to only return 304 when the normalMalcolm Tredinnick
status code would be in the range 200 - 299. This matches RFC 2616 requirements. Based on a patch from Vinay Sajip. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5407 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-26Fixed #4040 -- Changed uses of has_key() to "in". Slight performanceMalcolm Tredinnick
improvement and forward-compatible with future Python releases. Patch from Gary Wilson. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5091 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-20Added client IP address to the e-mail that is sent when an internalLuke Plant
broken link is detected. This is to help with filtering out misbehaving bots. git-svn-id: http://code.djangoproject.com/svn/django/trunk@5043 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-03-25Fixed #3808 -- Fixed some typos in comments. Thanks, Collin GradyAdrian Holovaty
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4816 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-11-22Fixed #3052: GZIP middleware now correctly reports Content-Length. Thanks, ↵Jacob Kaplan-Moss
simonbun. git-svn-id: http://code.djangoproject.com/svn/django/trunk@4089 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-26Improved detection of whether a URL is internal or not for the purposeLuke Plant
of broken link e-mails (referred links from images.google were being misclassified). git-svn-id: http://code.djangoproject.com/svn/django/trunk@3870 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-25Altered [3778] change to match our coding/text style (django.middleware.common)Adrian Holovaty
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3834 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-22Fixed #2747 -- Make X-Headers work for staff members. Admins with dyanmic IPMalcolm Tredinnick
addresses can now use bookmarklets. Thanks, Maximillian Dornseif. git-svn-id: http://code.djangoproject.com/svn/django/trunk@3786 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-22Fixed #2602 -- Include User Agent in broken link emails. Thanks, Ian Holsman.Malcolm Tredinnick
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3778 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-08-18Fixed #2541 -- Added helpful error message for CacheMiddleware in the case ↵Adrian Holovaty
of CACHE_ANONYMOUS_ONLY=True and uninstalled/unordered AuthenticationMiddleware. Thanks, dummy@habmalnefrage.de git-svn-id: http://code.djangoproject.com/svn/django/trunk@3603 bcc190cf-cafb-0310-a4f2-bffc1f526a37