By the way, while reviewing the SecurityMiddleware, I would suggest that the redirection part be moved to a different middleware. http to https redirection should preferably be done at the Web server level, and for those doing that properly, they still pay for the unneeded (albeit small) overhead of the `SecurityMiddleware.process_request`.
> 3. For new headers I think we could add a setting called e.g. ADD_HEADERS - a dict of keys to values that > CommonMiddleware (or similar) could add to outgoing responses' headers. +1 to that proposal. Claude -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/3da2e385-551e-4905-83e8-7f2b99896f18o%40googlegroups.com.
