Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Content-Disposition header with inline disposition in Django 3.0 breaks in Safari #240
I can't determine if this is something that needs to be addressed in Whitenoise or in Django but in Django 3.0, a
This new header was added in de4832c49b8a8cf00b2d602ab4d10c4ca69627bd.
I can verify this works by adding this middleware before the WhiteNoiseMiddlware in my settings.py:
def strip_content_disposition(get_response): def middleware(request): response = get_response(request) del response['Content-Disposition'] return response return middleware
Obviously that's not a good solution for this, but I'm not sure what is or even if this is a Whitenoise issue or a Django issue.
Ended up using a setting built for this:
def strip_content_disposition(headers, path, url): headers["Content-Disposition"] = "" WHITENOISE_ADD_HEADERS_FUNCTION = strip_content_disposition
eliminates the need for the middleware.
Thanks for the suggestion, @jacobwegner
Django 3.0 adds a default Content-Disposition header to all FileResponse instances. Where the response isn't flagged as an attachment this header has the form `inline; filename="<filename>"`. See: https://code.djangoproject.com/ticket/30196 This header causes problems with Safari (see #240 and #241) so we want to make sure we don't send it. Looking at the code for FileResponse I can see that Django is also setting other default headers. These will generally be overwritten by WhiteNoise, but they cause unnecessary file accesses and provide more possibilities for errors. This patch creates a tiny wrapper around FileResponse which disables the setting of any default headers.