4

I need to implement a HTTP proxy in Django and my Google safari led me to a project called django-webproxy.

Although no longer maintained, it's quite simple. Most of the logic relies on a simple proxy Middleware class that intercepts all requests to the Django WSGI server and handles it.

If the Middleware returns any data, the WSGI server simply passes it back to the client but if it returns nothing, Django simply handles the request by passing to the other Middleware.

Everything works fine, pretty much, but I need to implement proxy authentication which mean i have to send a 407 status code to the client with a Proxy-Authenticate header. This sin't allowed by Django as it is a hop-by-hop header and Django throws an exception. How can i hack/force/kludge Django into allowing me to send hop-by-hop headers?

FYI, ihe code for the middleware class can be found here.

Mridang Agarwalla
  • 43,201
  • 71
  • 221
  • 382

2 Answers2

3
from django.core.servers import basehttp

del basehttp._hop_headers['proxy-authenticate']
del basehttp._hop_headers['proxy-authorization']

This worked for me.

Mridang Agarwalla
  • 43,201
  • 71
  • 221
  • 382
  • 2
    This limitation is actually imposed by the WSGI library (not Django). The full list of "hop headers" for Python 2.7 are -- 'connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade'. – s29 Mar 19 '12 at 07:23
1

django.core.servers.basehttp._hop_headers is no longer with us present in the basehttp module (since Django 1.10).

I know 2 ways to change it:

  1. Start your server like so:

    $ python -O ./manage.py runserver --noreload

  2. Change wsgiref.util._hoppish:

    import wsgiref.util
wsgiref.util._hoppish = {
    'connection': 1, 'keep-alive':1,
    'te':1, 'trailers':1, 'transfer-encoding':1,
    'upgrade':1
}.__contains__
x-yuri
  • 16,722
  • 15
  • 114
  • 161