#15855: cache_page decorator bypasses any Vary headers set in middleware
-------------------------------------+-------------------------------------
Reporter: carljm | Owner: nobody
Type: Bug | Status: new
Milestone: | Component: Core (Cache system)
Version: | Severity: Normal
Resolution: | Keywords:
Triage Stage: Design | Has patch: 1
decision needed | Needs tests: 0
Needs documentation: 0 | Easy pickings: 0
Patch needs improvement: 0 |
UI/UX: 0 |
-------------------------------------+-------------------------------------
Comment (by carljm):
Verified that Luke's fix works on both 1.3.X and trunk. In fact,
vary_on_cookie isn't even needed, since csrf_protect patches the vary
header -- the docs can just replace vary_on_cookie with csrf_protect.
Went a little ways down the path of an automated test to verify that this
works, but since we have tests for all the component pieces already, the
test ends up just being a verification that Python does indeed apply
decorators in the expected order. Which is kind of a stupid thing to test.
Applying the doc fix to 1.3.X and trunk.
--
Ticket URL: <https://code.djangoproject.com/ticket/15855#comment:9>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
