|
1 import re |
|
2 |
|
3 from django.conf import settings |
|
4 from django import http |
|
5 from django.core.mail import mail_managers |
|
6 from django.utils.http import urlquote |
|
7 from django.core import urlresolvers |
|
8 from django.utils.hashcompat import md5_constructor |
|
9 |
|
10 class CommonMiddleware(object): |
|
11 """ |
|
12 "Common" middleware for taking care of some basic operations: |
|
13 |
|
14 - Forbids access to User-Agents in settings.DISALLOWED_USER_AGENTS |
|
15 |
|
16 - URL rewriting: Based on the APPEND_SLASH and PREPEND_WWW settings, |
|
17 this middleware appends missing slashes and/or prepends missing |
|
18 "www."s. |
|
19 |
|
20 - If APPEND_SLASH is set and the initial URL doesn't end with a |
|
21 slash, and it is not found in urlpatterns, a new URL is formed by |
|
22 appending a slash at the end. If this new URL is found in |
|
23 urlpatterns, then an HTTP-redirect is returned to this new URL; |
|
24 otherwise the initial URL is processed as usual. |
|
25 |
|
26 - ETags: If the USE_ETAGS setting is set, ETags will be calculated from |
|
27 the entire page content and Not Modified responses will be returned |
|
28 appropriately. |
|
29 """ |
|
30 |
|
31 def process_request(self, request): |
|
32 """ |
|
33 Check for denied User-Agents and rewrite the URL based on |
|
34 settings.APPEND_SLASH and settings.PREPEND_WWW |
|
35 """ |
|
36 |
|
37 # Check for denied User-Agents |
|
38 if 'HTTP_USER_AGENT' in request.META: |
|
39 for user_agent_regex in settings.DISALLOWED_USER_AGENTS: |
|
40 if user_agent_regex.search(request.META['HTTP_USER_AGENT']): |
|
41 return http.HttpResponseForbidden('<h1>Forbidden</h1>') |
|
42 |
|
43 # Check for a redirect based on settings.APPEND_SLASH |
|
44 # and settings.PREPEND_WWW |
|
45 host = request.get_host() |
|
46 old_url = [host, request.path] |
|
47 new_url = old_url[:] |
|
48 |
|
49 if (settings.PREPEND_WWW and old_url[0] and |
|
50 not old_url[0].startswith('www.')): |
|
51 new_url[0] = 'www.' + old_url[0] |
|
52 |
|
53 # Append a slash if APPEND_SLASH is set and the URL doesn't have a |
|
54 # trailing slash and there is no pattern for the current path |
|
55 if settings.APPEND_SLASH and (not old_url[1].endswith('/')): |
|
56 if (not _is_valid_path(request.path_info) and |
|
57 _is_valid_path("%s/" % request.path_info)): |
|
58 new_url[1] = new_url[1] + '/' |
|
59 if settings.DEBUG and request.method == 'POST': |
|
60 raise RuntimeError, ("" |
|
61 "You called this URL via POST, but the URL doesn't end " |
|
62 "in a slash and you have APPEND_SLASH set. Django can't " |
|
63 "redirect to the slash URL while maintaining POST data. " |
|
64 "Change your form to point to %s%s (note the trailing " |
|
65 "slash), or set APPEND_SLASH=False in your Django " |
|
66 "settings.") % (new_url[0], new_url[1]) |
|
67 |
|
68 if new_url == old_url: |
|
69 # No redirects required. |
|
70 return |
|
71 if new_url[0]: |
|
72 newurl = "%s://%s%s" % ( |
|
73 request.is_secure() and 'https' or 'http', |
|
74 new_url[0], urlquote(new_url[1])) |
|
75 else: |
|
76 newurl = urlquote(new_url[1]) |
|
77 if request.GET: |
|
78 newurl += '?' + request.META['QUERY_STRING'] |
|
79 return http.HttpResponsePermanentRedirect(newurl) |
|
80 |
|
81 def process_response(self, request, response): |
|
82 "Check for a flat page (for 404s) and calculate the Etag, if needed." |
|
83 if response.status_code == 404: |
|
84 if settings.SEND_BROKEN_LINK_EMAILS: |
|
85 # If the referrer was from an internal link or a non-search-engine site, |
|
86 # send a note to the managers. |
|
87 domain = request.get_host() |
|
88 referer = request.META.get('HTTP_REFERER', None) |
|
89 is_internal = _is_internal_request(domain, referer) |
|
90 path = request.get_full_path() |
|
91 if referer and not _is_ignorable_404(path) and (is_internal or '?' not in referer): |
|
92 ua = request.META.get('HTTP_USER_AGENT', '<none>') |
|
93 ip = request.META.get('REMOTE_ADDR', '<none>') |
|
94 mail_managers("Broken %slink on %s" % ((is_internal and 'INTERNAL ' or ''), domain), |
|
95 "Referrer: %s\nRequested URL: %s\nUser agent: %s\nIP address: %s\n" \ |
|
96 % (referer, request.get_full_path(), ua, ip)) |
|
97 return response |
|
98 |
|
99 # Use ETags, if requested. |
|
100 if settings.USE_ETAGS: |
|
101 if response.has_header('ETag'): |
|
102 etag = response['ETag'] |
|
103 else: |
|
104 etag = '"%s"' % md5_constructor(response.content).hexdigest() |
|
105 if response.status_code >= 200 and response.status_code < 300 and request.META.get('HTTP_IF_NONE_MATCH') == etag: |
|
106 cookies = response.cookies |
|
107 response = http.HttpResponseNotModified() |
|
108 response.cookies = cookies |
|
109 else: |
|
110 response['ETag'] = etag |
|
111 |
|
112 return response |
|
113 |
|
114 def _is_ignorable_404(uri): |
|
115 """ |
|
116 Returns True if a 404 at the given URL *shouldn't* notify the site managers. |
|
117 """ |
|
118 for start in settings.IGNORABLE_404_STARTS: |
|
119 if uri.startswith(start): |
|
120 return True |
|
121 for end in settings.IGNORABLE_404_ENDS: |
|
122 if uri.endswith(end): |
|
123 return True |
|
124 return False |
|
125 |
|
126 def _is_internal_request(domain, referer): |
|
127 """ |
|
128 Returns true if the referring URL is the same domain as the current request. |
|
129 """ |
|
130 # Different subdomains are treated as different domains. |
|
131 return referer is not None and re.match("^https?://%s/" % re.escape(domain), referer) |
|
132 |
|
133 def _is_valid_path(path): |
|
134 """ |
|
135 Returns True if the given path resolves against the default URL resolver, |
|
136 False otherwise. |
|
137 |
|
138 This is a convenience method to make working with "is this a match?" cases |
|
139 easier, avoiding unnecessarily indented try...except blocks. |
|
140 """ |
|
141 try: |
|
142 urlresolvers.resolve(path) |
|
143 return True |
|
144 except urlresolvers.Resolver404: |
|
145 return False |
|
146 |