mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Fixed #19705 -- Set proper headers on conditional Not Modified responses.
This commit is contained in:
		
				
					committed by
					
						 Tim Graham
						Tim Graham
					
				
			
			
				
	
			
			
			
						parent
						
							b2f9db1637
						
					
				
				
					commit
					bd7237d7ec
				
			| @@ -122,14 +122,21 @@ def _precondition_failed(request): | |||||||
|  |  | ||||||
|  |  | ||||||
| def _not_modified(request, response=None): | def _not_modified(request, response=None): | ||||||
|  |     new_response = HttpResponseNotModified() | ||||||
|     if response: |     if response: | ||||||
|         # We need to keep the cookies, see ticket #4994. |         # Preserve the headers required by Section 4.1 of RFC 7232, as well as | ||||||
|         cookies = response.cookies |         # Last-Modified. | ||||||
|         response = HttpResponseNotModified() |         for header in ('Cache-Control', 'Content-Location', 'Date', 'ETag', 'Expires', 'Last-Modified', 'Vary'): | ||||||
|         response.cookies = cookies |             if header in response: | ||||||
|         return response |                 new_response[header] = response[header] | ||||||
|     else: |  | ||||||
|         return HttpResponseNotModified() |         # Preserve cookies as per the cookie specification: "If a proxy server | ||||||
|  |         # receives a response which contains a Set-cookie header, it should | ||||||
|  |         # propagate the Set-cookie header to the client, regardless of whether | ||||||
|  |         # the response was 304 (Not Modified) or 200 (OK). | ||||||
|  |         # https://curl.haxx.se/rfc/cookie_spec.html | ||||||
|  |         new_response.cookies = response.cookies | ||||||
|  |     return new_response | ||||||
|  |  | ||||||
|  |  | ||||||
| def get_conditional_response(request, etag=None, last_modified=None, response=None): | def get_conditional_response(request, etag=None, last_modified=None, response=None): | ||||||
|   | |||||||
| @@ -614,6 +614,28 @@ class ConditionalGetMiddlewareTest(SimpleTestCase): | |||||||
|         self.resp = ConditionalGetMiddleware().process_response(self.req, self.resp) |         self.resp = ConditionalGetMiddleware().process_response(self.req, self.resp) | ||||||
|         self.assertEqual(self.resp.status_code, 400) |         self.assertEqual(self.resp.status_code, 400) | ||||||
|  |  | ||||||
|  |     def test_not_modified_headers(self): | ||||||
|  |         """ | ||||||
|  |         The 304 Not Modified response should include only the headers required | ||||||
|  |         by section 4.1 of RFC 7232, Last-Modified, and the cookies. | ||||||
|  |         """ | ||||||
|  |         self.req.META['HTTP_IF_NONE_MATCH'] = self.resp['ETag'] = '"spam"' | ||||||
|  |         self.resp['Date'] = 'Sat, 12 Feb 2011 17:35:44 GMT' | ||||||
|  |         self.resp['Last-Modified'] = 'Sat, 12 Feb 2011 17:35:44 GMT' | ||||||
|  |         self.resp['Expires'] = 'Sun, 13 Feb 2011 17:35:44 GMT' | ||||||
|  |         self.resp['Vary'] = 'Cookie' | ||||||
|  |         self.resp['Cache-Control'] = 'public' | ||||||
|  |         self.resp['Content-Location'] = '/alt' | ||||||
|  |         self.resp['Content-Language'] = 'en'  # shouldn't be preserved | ||||||
|  |         self.resp.set_cookie('key', 'value') | ||||||
|  |  | ||||||
|  |         new_response = ConditionalGetMiddleware().process_response(self.req, self.resp) | ||||||
|  |         self.assertEqual(new_response.status_code, 304) | ||||||
|  |         for header in ('Cache-Control', 'Content-Location', 'Date', 'ETag', 'Expires', 'Last-Modified', 'Vary'): | ||||||
|  |             self.assertEqual(new_response[header], self.resp[header]) | ||||||
|  |         self.assertEqual(new_response.cookies, self.resp.cookies) | ||||||
|  |         self.assertNotIn('Content-Language', new_response) | ||||||
|  |  | ||||||
|  |  | ||||||
| class XFrameOptionsMiddlewareTest(SimpleTestCase): | class XFrameOptionsMiddlewareTest(SimpleTestCase): | ||||||
|     """ |     """ | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user