Fixed #19321 -- Allowed redirect middleware HTTP responses to be overridden.

Thanks Melevir for the suggestion.
2025-11-23 12:26:57 +00:00 · 2013-05-20 20:22:38 +01:00 · 2013-05-20 20:22:38 +01:00 · 8b0014869f
commit 8b0014869f
parent 36e220f923
4 changed files with 83 additions and 9 deletions
--- a/django/contrib/redirects/middleware.py
+++ b/django/contrib/redirects/middleware.py
@ -8,6 +8,11 @@ from django import http


 class RedirectFallbackMiddleware(object):
+
+    # Defined as class-level attributes to be subclassing-friendly.
+    response_gone_class = http.HttpResponseGone
+    response_redirect_class = http.HttpResponsePermanentRedirect
+
    def __init__(self):
        if 'django.contrib.sites' not in settings.INSTALLED_APPS:
            raise ImproperlyConfigured(
@ -16,8 +21,9 @@ class RedirectFallbackMiddleware(object):
            )

    def process_response(self, request, response):
+        # No need to check for a redirect for non-404 responses.
        if response.status_code != 404:
-            return response # No need to check for a redirect for non-404 responses.
+            return response

        full_path = request.get_full_path()
        current_site = get_current_site(request)
@ -37,8 +43,8 @@ class RedirectFallbackMiddleware(object):
                pass
        if r is not None:
            if r.new_path == '':
-                return http.HttpResponseGone()
-            return http.HttpResponsePermanentRedirect(r.new_path)
+                return self.response_gone_class()
+            return self.response_redirect_class(r.new_path)

        # No redirect was found. Return the response.
        return response
--- a/django/contrib/redirects/tests.py
+++ b/django/contrib/redirects/tests.py
@ -1,3 +1,4 @@
+from django import http
 from django.conf import settings
 from django.contrib.sites.models import Site
 from django.core.exceptions import ImproperlyConfigured
@ -61,3 +62,32 @@ class RedirectTests(TestCase):
    def test_sites_not_installed(self):
        with self.assertRaises(ImproperlyConfigured):
            RedirectFallbackMiddleware()
+
+
+class OverriddenRedirectFallbackMiddleware(RedirectFallbackMiddleware):
+    # Use HTTP responses different from the defaults
+    response_gone_class = http.HttpResponseForbidden
+    response_redirect_class = http.HttpResponseRedirect
+
+
+@override_settings(
+    MIDDLEWARE_CLASSES=list(settings.MIDDLEWARE_CLASSES) +
+        ['django.contrib.redirects.tests.OverriddenRedirectFallbackMiddleware'],
+    SITE_ID=1,
+)
+class OverriddenRedirectMiddlewareTests(TestCase):
+
+    def setUp(self):
+        self.site = Site.objects.get(pk=settings.SITE_ID)
+
+    def test_response_gone_class(self):
+        Redirect.objects.create(
+            site=self.site, old_path='/initial/', new_path='')
+        response = self.client.get('/initial/')
+        self.assertEqual(response.status_code, 403)
+
+    def test_response_redirect_class(self):
+        Redirect.objects.create(
+            site=self.site, old_path='/initial/', new_path='/new_target/')
+        response = self.client.get('/initial/')
+        self.assertEqual(response.status_code, 302)