#37054: Precompute the Referrer-Policy header value during middleware
initialization
-------------------------------------+-------------------------------------
Reporter: Mason | Owner: Mason Lyons
Lyons |
Type: | Status: assigned
Cleanup/optimization |
Component: HTTP | Version: 6.0
handling |
Severity: Normal | Keywords: middleware
Triage Stage: | Has patch: 0
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
The SecurityMiddleware runs on every Django request and adds security
headers to responses. The original `process_response()` method constructs
the Referrer-Policy header by performing string operations on every
request:
{{{
def process_response(self, request, response):
# ... other headers ...
if self.referrer_policy:
# Support a comma-separated string or iterable of values to allow
# fallback.
response.headers.setdefault(
"Referrer-Policy",
",".join(
[v.strip() for v in self.referrer_policy.split(",")]
if isinstance(self.referrer_policy, str)
else self.referrer_policy
),
)
}}}
Move the string manipulation to `__init__()` where it runs once when the
middleware is initialized, storing the pre-computed value for use in
`process_response()`
--
Ticket URL: <https://code.djangoproject.com/ticket/37054>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019dab3416d6-b746a37f-9a3a-48c9-8232-6464b54fc03b-000000%40eu-central-1.amazonses.com.
