Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #4148 -- Changed the way attachments are served to IE to avoid …

…some

caching and header-related bugs there. Only comes into play when Internet
Explorer is the user-agent.

Patch from Michael Axiak, with testing from Axis_of_Entropy and Karen Tracey.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7856 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 8975bba742151a6a3164d5c7df7d793f12a7c5c1 1 parent 6048389
@malcolmt malcolmt authored
Showing with 57 additions and 2 deletions.
  1. +6 −2 django/core/handlers/base.py
  2. +51 −0 django/http/utils.py
View
8 django/core/handlers/base.py
@@ -6,8 +6,12 @@
class BaseHandler(object):
# Changes that are always applied to a response (in this order).
- response_fixes = [http.fix_location_header,
- http.conditional_content_removal]
+ response_fixes = [
+ http.fix_location_header,
+ http.conditional_content_removal,
+ http.fix_IE_for_attach,
+ http.fix_IE_for_vary,
+ ]
def __init__(self):
self._request_middleware = self._view_middleware = self._response_middleware = self._exception_middleware = None
View
51 django/http/utils.py
@@ -31,3 +31,54 @@ def conditional_content_removal(request, response):
if request.method == 'HEAD':
response.content = ''
return response
+
+def fix_IE_for_attach(request, response):
+ """
+ This function will prevent Django from serving a Content-Disposition header
+ while expecting the browser to cache it (only when the browser is IE). This
+ leads to IE not allowing the client to download.
+ """
+ if 'MSIE' not in request.META.get('HTTP_USER_AGENT', '').upper():
+ return response
+
+ offending_headers = ('no-cache', 'no-store')
+ if response.has_header('Content-Disposition'):
+ try:
+ del response['Pragma']
+ except KeyError:
+ pass
+ if response.has_header('Cache-Control'):
+ cache_control_values = [value.strip() for value in
+ response['Cache-Control'].split(',')
+ if value.strip().lower() not in offending_headers]
+
+ if not len(cache_control_values):
+ del response['Cache-Control']
+ else:
+ response['Cache-Control'] = ', '.join(cache_control_values)
+
+ return response
+
+def fix_IE_for_vary(request, response):
+ """
+ This function will fix the bug reported at
+ http://support.microsoft.com/kb/824847/en-us?spid=8722&sid=global
+ by clearing the Vary header whenever the mime-type is not safe
+ enough for Internet Explorer to handle. Poor thing.
+ """
+ if 'MSIE' not in request.META.get('HTTP_USER_AGENT', '').upper():
+ return response
+
+ # These mime-types that are decreed "Vary-safe" for IE:
+ safe_mime_types = ('text/html', 'text/plain', 'text/sgml')
+
+ # The first part of the Content-Type field will be the MIME type,
+ # everything after ';', such as character-set, can be ignored.
+ if response['Content-Type'].split(';')[0] not in safe_mime_types:
+ try:
+ del response['Vary']
+ except KeyError:
+ pass
+
+ return response
+
Please sign in to comment.
Something went wrong with that request. Please try again.