Skip to main content

Configurable middleware to add HTTP caching headers for URL's.

Project description

Django Cache Headers

Travis

Overview

Django Cache Headers allows you to set HTTP caching headers for URL patterns according to certain policies. It does not perform any caching itself - it merely sets the headers on the response which are then interpreted by eg. Varnish.

Doing a truly zero-conf Varnish turned out to be fragile, so Django Cache Headers now generates a VCL file that can be included into or adapted to your default Varnish configuration file.

Installation

  1. Install or add django-cache-headers to your Python path.

  2. Add cache_headers to your INSTALLED_APPS setting.

  3. Add cache_headers.middleware.CacheHeadersMiddleware before SessionMiddleware and AuthenticationMiddleware and MessageMiddleware to your MIDDLEWARE_CLASSES setting.

Policies

Django Cache Headers provides four caching policies. You may define your own policies.:

  1. all-users - response is marked as cached once for all users.

  2. anonymous-only - response is marked as cached once only for anonymous users.

  3. anonymous-and-authenticated - response is marked as cached once for anonymous users and once for authenticated users.

  4. per-user - response is marked as cached once for anonymous users and for each authenticated user individually.

Settings

The timeouts key combines the policy, timeout in seconds and URL regexes in a nested dictionary:

CACHE_HEADERS = {
    "timeouts": {
        "all-users": {
            60: (
                "^/all-users/",
            )
        },
        "anonymous-only": {
            60: (
                "^/anonymous-only/",
            )
        },
        "anonymous-and-authenticated": {
            60: (
                "^/anonymous-and-authenticated/",
            )
        },
        "per-user": {
            60: (
                "^/per-user/",
            )
        },
        "custom-policy": {
            60: (
                "^/custom-policy/",
            )
        }
    }
}

Set browser-cache-seconds to specify how long the browser may cache a response before it has to revalidate with the server. It defaults to 5 seconds.:

CACHE_HEADERS = {"browser-cache-seconds": 10}

Set enable-tampering-checks to enable checks that guard against cache poising by tampering with the cookies. Keep this disabled for most unit tests. Unit test’s client.login() does not trigger the normal expected login path.

CACHE_HEADERS = {“enable-tampering-checks”: True}

Varnish configuration

Generate the VCL snippet:

python manage.py generate_vcl > /path/to/generated.vcl

Save the contents of sample.vcl as /etc/varnish/default.vcl. Restart Varnish for the configuration to take effect.

Authors

Praekelt Consulting

  • Hedley Roos

  • Altus Barry

Changelog

0.3.1

  1. An anonymous user may in fact have a session. Handle this case gracefully.

0.3

  1. Added vcl generation management command, to be used in tandem with varnish. sample.vcl updated to reflect usage.

  2. Make use of on_user_auth_event to ensure no-cache header is set during login and logout.

  3. Extra protection against tampered session cookie.

  4. Policies no longer makes an assumption on the session cookie name.

0.2.2

  1. Iterate over regexes in order of most specific (longest) to least specific (shortest).

  2. Revert OrderedDict change since it is not required anymore due to the above change.

0.2.1

  1. Use an OrderedDict for guaranteed policy iteration order.

0.2

  1. Ignoring cookies completely when setting headers turned out to be a mistake due to too many security concerns. Restore them.

0.1.3

  1. Handle case where user may also be logged in and a cookie not being set.

0.1.2

  1. Use the s-maxage header for compatability with Varnish.

0.1.1

  1. Leave response untouched if status code is not 200.

0.1

  1. Initial release.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-cache-headers-0.3.1.tar.gz (10.8 kB view details)

Uploaded Source

Built Distribution

django_cache_headers-0.3.1-py2.7.egg (30.8 kB view details)

Uploaded Source

File details

Details for the file django-cache-headers-0.3.1.tar.gz.

File metadata

File hashes

Hashes for django-cache-headers-0.3.1.tar.gz
Algorithm Hash digest
SHA256 8aa05a34060123afefa5d550d5deeeefa4fd1916b45095672c985fe254dc657d
MD5 adfe0b7790adcb639898c8aa156c000b
BLAKE2b-256 b2e5a01a39ec7d0369c6819ad73ea0010adb27275f26090231c196e0a3df16d4

See more details on using hashes here.

Provenance

File details

Details for the file django_cache_headers-0.3.1-py2.7.egg.

File metadata

File hashes

Hashes for django_cache_headers-0.3.1-py2.7.egg
Algorithm Hash digest
SHA256 5921ce276ac0f97f0e277fc65b3be7be43b0525b8f48e6bbb36fd83afecc662f
MD5 49b6bc5dbd16a261421d4d04c0cc3f90
BLAKE2b-256 2d0903c17dceedd92bc60f5779b3b50c138f9791099bf1a686d0954eaecfbe5e

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page