使用各种资源,我提出了以下django中间件,以防止经过身份验证的用户进行浏览器缓存:
class NoBrowserCachingMiddleware:
def add_to_header(self, response, key, value):
if response.has_header(key):
values = re.split(r'\s*,\s*', response[key])
if not value in values:
response[key] = ', '.join(values + [value])
else:
response[key] = value
def process_response(self, request, response):
if hasattr(request, 'user') and request.user.is_authenticated():
response['Expires'] = 0
self.add_to_header(response, 'Cache-Control', 'no-cache')
self.add_to_header(response, 'Cache-Control', 'no-store')
self.add_to_header(response, 'Cache-Control', 'must-revalidate')
self.add_to_header(response, 'Pragma', 'no-cache') #HTTP 1.0
if request.is_ajax():
return response
if response.status_code != 200:
return response
if 'text/html' not in response['Content-Type']:
return response
# safari back button fix
response.content = response.content.replace('<body', '<body onunload=""')
return response
我想删除我必须修改响应内容的部分。但是,如果我这样做,如果用户点击后退按钮,Safari将在注销后显示上一个缓存页面。有没有办法使用标准HTTP标头来阻止这种情况?
谢谢, 皮特