#30701: Django generates overly verbose and possibly invalid Vary headers -----------------------------------------+------------------------ Reporter: Alexander-TX | Owner: nobody Type: Bug | Status: new Component: HTTP handling | Version: 2.2 Severity: Normal | Keywords: Triage Stage: Unreviewed | Has patch: 0 Needs documentation: 0 | Needs tests: 0 Patch needs improvement: 0 | Easy pickings: 1 UI/UX: 0 | -----------------------------------------+------------------------ Function "patch_vary_headers", simply appends new headers to list. If view code sets Vary header to asterisk, the resulting header (after applying SessionMiddleware and LocaleMiddleware) looks like this:
{{{ Vary: *, Accept-Language, Cookie }}} This is unnecessary and possible violates HTTP spec: {{{ The "Vary" header field in a response describes what parts of a request message, aside from the method, Host header field, and request target, might influence the origin server's process for selecting and representing this response. The value consists of either a single asterisk ("*") or a list of header field names (case-insensitive). Vary = "*" / 1#field-name }}} (from https://tools.ietf.org/html/rfc7231#page-70) I am using Django to implement REST API, so I'd like it to speak robust HTTP, that works with all present and future caching libraries, — even if widely used browsers and Nginx can correctly interpret current form of the header. -- Ticket URL: <https://code.djangoproject.com/ticket/30701> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/055.cd2d4ae21aacb4c26c55e035bb7c2585%40djangoproject.com.