class GZipMiddleware [source] Warning Security researchers recently revealed that when compression techniques (including GZipMiddleware) are used on a website, the site may become exposed to a number of possible attacks. Before using GZipMiddleware on your site, you should consider very carefully whether you are subject to these attacks. If you’re in any doubt about whether you’re affected, you should avoid using GZipMiddleware. For more details, see the the BREACH paper (PDF) and breachatt

The File objectThe File class The ContentFile class The ImageFile class Additional methods on files attached to objects File storage APIGetting the current storage class The FileSystemStorage class The Storage class Uploaded Files and Upload HandlersUploaded files Built-in upload handlers Writing custom upload handlers

class UUIDField(**options) [source] A field for storing universally unique identifiers. Uses Python’s UUID class. When used on PostgreSQL, this stores in a uuid datatype, otherwise in a char(32). Universally unique identifiers are a good alternative to AutoField for primary_key. The database will not generate the UUID for you, so it is recommended to use default: import uuid from django.db import models class MyUUIDModel(models.Model): id = models.UUIDField(primary_key=True, default=uui

domain The fully qualified domain name associated with the website. For example, www.example.com. Changed in Django 1.9: The domain field was set to be unique.

static.static(prefix, view=django.views.static.serve, **kwargs) Helper function to return a URL pattern for serving files in debug mode: from django.conf import settings from django.conf.urls.static import static urlpatterns = [ # ... the rest of your URLconf goes here ... ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)

class Q [source] A Q() object, like an F object, encapsulates a SQL expression in a Python object that can be used in database-related operations. In general, Q() objects make it possible to define and reuse conditions. This permits the construction of complex database queries using | (OR) and & (AND) operators; in particular, it is not otherwise possible to use OR in QuerySets.

PROTECT [source] Prevent deletion of the referenced object by raising ProtectedError, a subclass of django.db.IntegrityError.

user_passes_test(test_func, login_url=None, redirect_field_name='next') [source] As a shortcut, you can use the convenient user_passes_test decorator which performs a redirect when the callable returns False: from django.contrib.auth.decorators import user_passes_test def email_check(user): return user.email.endswith('@example.com') @user_passes_test(email_check) def my_view(request): ... user_passes_test() takes a required argument: a callable that takes a User object and returns

class ExtractSecond(expression, tzinfo=None, **extra) [source] lookup_name = 'second' These are logically equivalent to Extract('datetime_field', lookup_name). Each class is also a Transform registered on DateTimeField as __(lookup_name), e.g. __minute. DateTimeField examples: >>> from datetime import datetime >>> from django.utils import timezone >>> from django.db.models.functions import ( ... ExtractYear, ExtractMonth, ExtractDay, ExtractWeekDay, ...

class RemoteUserMiddleware Middleware for utilizing Web server provided authentication. See Authentication using REMOTE_USER for usage details.