class GZipMiddleware [source] Warning Security researchers recently revealed that when compression techniques (including GZipMiddleware) are used on a website, the site may become exposed to a number of possible attacks. Before using GZipMiddleware on your site, you should consider very carefully whether you are subject to these attacks. If you’re in any doubt about whether you’re affected, you should avoid using GZipMiddleware. For more details, see the the BREACH paper (PDF) and breachatt

class ConditionalGetMiddleware [source] Handles conditional GET operations. If the response has a ETag or Last-Modified header, and the request has If-None-Match or If-Modified-Since, the response is replaced by an HttpResponseNotModified. Also sets the Date and Content-Length response-headers.

class BrokenLinkEmailsMiddleware [source] Sends broken link notification emails to MANAGERS (see Error reporting).

class CommonMiddleware [source] Adds a few conveniences for perfectionists: Forbids access to user agents in the DISALLOWED_USER_AGENTS setting, which should be a list of compiled regular expression objects. Performs URL rewriting based on the APPEND_SLASH and PREPEND_WWW settings. If APPEND_SLASH is True and the initial URL doesn’t end with a slash, and it is not found in the URLconf, then a new URL is formed by appending a slash at the end. If this new URL is found in the URLconf, then D

class XFrameOptionsMiddleware [source] Simple clickjacking protection via the X-Frame-Options header.

class FetchFromCacheMiddleware [source] Enable the site-wide cache. If these are enabled, each Django-powered page will be cached for as long as the CACHE_MIDDLEWARE_SECONDS setting defines. See the cache documentation.

class UpdateCacheMiddleware [source]

class storage.fallback.FallbackStorage This class first uses CookieStorage, and falls back to using SessionStorage for the messages that could not fit in a single cookie. It also requires Django’s contrib.sessions application. This behavior avoids writing to the session whenever possible. It should provide the best performance in the general case. FallbackStorage is the default storage class. If it isn’t suitable to your needs, you can select another storage class by setting MESSAGE_STORAGE

class storage.session.SessionStorage This class stores all messages inside of the request’s session. Therefore it requires Django’s contrib.sessions application.

class views.SuccessMessageMixin Adds a success message attribute to FormView based classes get_success_message(cleaned_data) cleaned_data is the cleaned data from the form which is used for string formatting Example views.py: from django.contrib.messages.views import SuccessMessageMixin from django.views.generic.edit import CreateView from myapp.models import Author class AuthorCreate(SuccessMessageMixin, CreateView): model = Author success_url = '/success/' success_messag