Middleware for using HttpOnly session cookie (including monkey patching for support for Python <2.6)
A middleware to set the httponly flag on the session cookie. Including monkey patching for support for Python <2.6.
- middleware
- sessions
- httponly
Snippet List
Fake SSL Middleware for Tests and Local Development
Add `FakeSSLMiddleware` to the top of your `MIDDLEWARE_CLASSES` stack when running tests or developing locally to allow https:// links to operate correctly. Can be used in conjunction with other SSL middleware to allow critical tests to be performed.
- middleware
- ssl
- testing
- test
- https
- local
- fake
Mobile browser detection middleware
This middleware adds a "is_mobile" (boolean) to the request object if the user's browser is a mobile browser (iPhone, Nokia, etc). **Example of use inside a view:** `request.is_mobile` **Example of use inside a template:** *You must activate the template processor "django.core.context_processors.request" in your settings. (see TEMPLATE_CONTEXT_PROCESSORS at djangoproject.com)* `{{ request.is_mobile }}`
- middleware
- detect
- browser
- detection
- mobile
SSL / HTTPS Middleware for Redirection and href Rewriting
See docstrings for details. To use, add to `MIDDLEWARE_CLASSES` in `settings.py`, and in your `views.py`: 1. `from path.to.this.middleware import secure` 2. Decorate SSL views with `@secure`
- middleware
- ssl
- https
- redirection
- href
Security: Sideband information cover traffic middleware
This is a quick hack to address the SSL info leakage covered here: http://www.freedom-to-tinker.com/blog/felten/side-channel-leaks-web-applications Don't use this in prod without testing. :-) I'll get some feedback from django-dev and update here.
- middleware
- ssl
- security
DebugMiddleware footer with links to quick open file/line# in TextMate on local machine
Adds a hidden footer to the bottom of every text/html page containing a list of SQL queries executed, the view function that was used and all templates that were loaded. Each template path is a clickable URL of the type txmt://open/?url=file://FILENAME&line=LINENO as is the view function. This lets you open the file very quickly in TextMate which speeds up development considerably and relieves the mind of much fetching-lookup tedium. This version works on SVN 12002 (1.2 alpha) and earlier. The previous version was: http://www.djangosnippets.org/snippets/1033/ which got caught but some edge case in certain modules. It is based on the original by Simon http://www.djangosnippets.org/snippets/766/ To use save this as 'debug_middleware.py' somewhere on your PYTHONPATH and add 'debug_middleware.DebugFooter' to your MIDDLEWARE_CLASSES setting. - Felix (the Third) hey wouldn't it be great if you could retrieve your password on djangosnippets ? somebody should volunteer to upgrade it
- middleware
- debug
- textmate
Web crawler/bot detection and blocking middleware
Sets request.is_crawler Allow bot lockout from certain urls in urlconf ,add view parameter 'deny_crawlers' ex. url(r'^foo/$', 'views.foo',{'deny_crawlers' : True},name='foo') view param is removed after middleware pass.
- middleware
- bot
- yahoo
- crawler
- robot
- googlebot
- cuil
- slurp
Request time logging middleware
Middleware class logging request time to stderr. This class can be used to measure time of request processing within Django. It can be also used to log time spent in middleware and in view itself, by putting middleware multiple times in INSTALLED_MIDDLEWARE. Static method `log_message' may be used independently of the middleware itself, outside of it, and even when middleware is not listed in INSTALLED_MIDDLEWARE.
- middleware
- debug
- logging
DebugFooter middleware for django 1.0 and higher
Based on Snippet [766](http://www.djangosnippets.org/snippets/766/) & [799](http://www.djangosnippets.org/snippets/799/), edited for django 1.0 and higher.
- sql
- middleware
- debug
HTML 5 Firefox 2 Hack
This is a hack to get HTML 5 to work for Firefox 2. It Sends the xhtml content-type to all Gecko based browsers where version is less than 1.9, or "rv:1.9pre" or "rv:1.9a" or "rv:1.9bx" where x is less than 5. I created this hack based on the information I found on this site, http://html5doctor.com/how-to-get-html5-working-in-ie-and-firefox-2/. Just put this code in one of your middleware files (i.e. mysite/middleware.py) and then add it in your MIDDLEWARE_CLASSES in your settings.py. Example: MIDDLEWARE_CLASSES = ( ... 'mysite.middleware.HTML5Firefox2Hack', ... )
- middleware
- html5
Middleware: Record ownership screener
UPDATE: 'ORDER BY' in de regex is now optional If enabled while coding just keep track of your console output for: <<< WARNING >>> Query execution without ownership clause, called from "process_response" Happy coding Regards, Gerard.
- middleware
- user
- permission
- ownership
- created_by
Strip Google Analytics cookies for caching middleware purposes
You may notice that using Google Analytics's 'urchin' with the CacheMiddleware and SessionMiddleware or AuthenticationMiddleware middleware classes means that nothing is ever cached. Google Analytics updates its cookies with every page view, and the Auth/Session middlewares add cookies to the caching engine's 'Vary' list. This means every page view is given a unique cache key. This middleware class will remove urchin's '__utmX' cookies from the request object before it hits the caching middleware. Put it at the top of your MIDDLEWARE_CLASSES in settings.py. nf / [email protected]
- middleware
- cache
- analytics
URL models
You can use `UrlModel` to provide URL functionality to any instance of any model and any language (language support can be removed from this). Each model must have own view method, that returns HttpResponse. I was inspired by Flatpages. It is useful for small sites and static pages. `class Page(UrlModel): text = models.TextField() def view(self, request) # do something here return HttpResponse(...)`
- middleware
- urls
- models
- foreignkey
- model
- generic
- url
- foreign-key
- genericforeignkey
- contenttypes
- 404
- contenttype
- content-type
Log Django exceptions to Apache error log in mod_wsgi
Add this to your middleware to log errors to the Apache error log when running under mod_wsgi.
- middleware
- apache
- errors
- modwsgi
- exceptions
HTTP Authorization Middleware/Decorator
Use HTTP Authorization to log in to django site. If you use the FORCE_HTTP_AUTH=True in your settings.py, then ONLY Http Auth will be used, if you don't then either http auth or django's session-based auth will be used. This assumes that the regular auth middleware is already installed. If you provide a HTTP_AUTH_REALM in your settings, that will be used as the realm for the challenge. Having both a decorator and a middleware means that for site-wide http auth, you only need to specify it once, but the same code can be used as a decorator if you want part of your site protected using htty basic auth, and the other bits freely visible. Of course, since this is basic auth, then you need to make sure your site is running under SSL (HTTPS), else your users passwords are effectively transmitted in the clear.
- middleware
- decorator
- http-auth
- basic-auth
181 snippets posted so far.