Ticket #12544: 12544-handle-bogus-if-modified-since-r12117.diff

File 12544-handle-bogus-if-modified-since-r12117.diff, 2.6 KB (added by Antti Kaihola, 15 years ago)

Fix and tests: handle bogus If-Modified-Since headers gracefully

  • django/views/static.py 

    diff --git a/django/views/static.py b/django/views/static.py
index 8355950..b76488f 100644
    a b def was_modified_since(header=None, mtime=0, size=0):  
    126126            raise ValueError
    127127        matches = re.match(r"^([^;]+)(; length=([0-9]+))?$", header,
    128128                           re.IGNORECASE)
    129         header_mtime = mktime_tz(parsedate_tz(matches.group(1)))
     129        try:
     130            header_mtime = mktime_tz(parsedate_tz(matches.group(1)))
     131        except OverflowError: # bogus timestamp
     132            return False
    130133        header_len = matches.group(3)
    131134        if header_len and int(header_len) != size:
    132135            raise ValueError

  • tests/regressiontests/views/tests/static.py 

    diff --git a/tests/regressiontests/views/tests/static.py b/tests/regressiontests/views/tests/static.py
index d7e87d1..d89b7a4 100644
    a b  
    11from os import path
    22
    33from django.test import TestCase
     4from django.http import HttpResponseNotModified
    45from regressiontests.views.urls import media_dir
    56
    67class StaticTests(TestCase):
    class StaticTests(TestCase):  
    2526        file = open(path.join(media_dir, file_name))
    2627        self.assertEquals(file.read(), response.content)
    2728
     29    def test_is_modified_since(self):
     30        file_name = 'file.txt'
     31        response = self.client.get(
     32            '/views/site_media/%s' % file_name,
     33            HTTP_IF_MODIFIED_SINCE='Thu, 1 Jan 1970 00:00:00 GMT')
     34        file = open(path.join(media_dir, file_name))
     35        self.assertEquals(file.read(), response.content)
     36
     37    def test_not_modified_since(self):
     38        file_name = 'file.txt'
     39        response = self.client.get(
     40            '/views/site_media/%s' % file_name,
     41            HTTP_IF_MODIFIED_SINCE='Mon, 18 Jan 2038 05:14:07 UTC'
     42            # This is 24h before max Unix time. Remember to fix Django and
     43            # update this test well before 2038 :)
     44            )
     45        self.assertTrue(isinstance(response, HttpResponseNotModified))
     46
     47    def test_invalid_if_modified_since(self):
     48        """Handle bogus If-Modified-Since values gracefully
     49
     50        To save resources, Django should reply with "not modified"
     51        since we can assume these requests are not legitimate.
     52        """
     53        file_name = 'file.txt'
     54        response = self.client.get(
     55            '/views/site_media/%s' % file_name,
     56            HTTP_IF_MODIFIED_SINCE='Fri, 34 Feb 3118 24:34:19 GMT'
     57            # This is a real-life example of a bogus If-Modified-Since header.
     58            )
     59        self.assertTrue(isinstance(response, HttpResponseNotModified))
Back to Top