1
0
mirror of https://github.com/django/django.git synced 2025-10-25 14:46:09 +00:00

Fixed #16632 -- Crash on responses without Content-Type with IE. Thanks juan for the report and kenth for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17196 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Aymeric Augustin
2011-12-11 08:58:14 +00:00
parent 545c3159f5
commit affca1369c
2 changed files with 49 additions and 1 deletions

View File

@@ -76,7 +76,8 @@ def fix_IE_for_vary(request, response):
# The first part of the Content-Type field will be the MIME type, # The first part of the Content-Type field will be the MIME type,
# everything after ';', such as character-set, can be ignored. # everything after ';', such as character-set, can be ignored.
if response['Content-Type'].split(';')[0] not in safe_mime_types: mime_type = response.get('Content-Type', '').partition(';')[0]
if mime_type not in safe_mime_types:
try: try:
del response['Vary'] del response['Vary']
except KeyError: except KeyError:

View File

@@ -1,6 +1,8 @@
from django.utils import http from django.utils import http
from django.utils import unittest from django.utils import unittest
from django.utils.datastructures import MultiValueDict from django.utils.datastructures import MultiValueDict
from django.http import HttpResponse, utils
from django.test import RequestFactory
class TestUtilsHttp(unittest.TestCase): class TestUtilsHttp(unittest.TestCase):
@@ -51,3 +53,48 @@ class TestUtilsHttp(unittest.TestCase):
'position=Developer&name=Adrian&name=Simon' 'position=Developer&name=Adrian&name=Simon'
] ]
self.assertTrue(result in acceptable_results) self.assertTrue(result in acceptable_results)
def test_fix_IE_for_vary(self):
"""
Regression for #16632.
`fix_IE_for_vary` shouldn't crash when there's no Content-Type header.
"""
# functions to generate responses
def response_with_unsafe_content_type():
r = HttpResponse(content_type="text/unsafe")
r['Vary'] = 'Cookie'
return r
def no_content_response_with_unsafe_content_type():
# 'Content-Type' always defaulted, so delete it
r = response_with_unsafe_content_type()
del r['Content-Type']
return r
# request with & without IE user agent
rf = RequestFactory()
request = rf.get('/')
ie_request = rf.get('/', HTTP_USER_AGENT='MSIE')
# not IE, unsafe_content_type
response = response_with_unsafe_content_type()
utils.fix_IE_for_vary(request, response)
self.assertTrue('Vary' in response)
# IE, unsafe_content_type
response = response_with_unsafe_content_type()
utils.fix_IE_for_vary(ie_request, response)
self.assertFalse('Vary' in response)
# not IE, no_content
response = no_content_response_with_unsafe_content_type()
utils.fix_IE_for_vary(request, response)
self.assertTrue('Vary' in response)
# IE, no_content
response = no_content_response_with_unsafe_content_type()
utils.fix_IE_for_vary(ie_request, response)
self.assertFalse('Vary' in response)