`archivebox.core.middleware`

Module Contents

Classes

ReverseProxyAuthMiddleware

Functions

`_admin_login_hint_cookie_domain`	Resolve the parent domain to scope the cross-subdomain login hint.
`detect_timezone`
`TimezoneMiddleware`
`CacheControlMiddleware`
`ServerSecurityModeMiddleware`
`HostRoutingMiddleware`

Data

ADMIN_LOGIN_HINT_COOKIE

API

archivebox.core.middleware.ADMIN_LOGIN_HINT_COOKIE[source]: ‘archivebox_admin_logged_in’

archivebox.core.middleware._admin_login_hint_cookie_domain(config) → str | None[source]

Resolve the parent domain to scope the cross-subdomain login hint.

NOTE: this cookie carries only the single bit “user is logged in on admin somewhere”; it MUST NOT be confused with the session cookie, which stays admin-host-scoped (see core/settings.py SESSION_COOKIE_DOMAIN comment — admin/public is a security boundary).

Returns the hostname portion of get_base_host (which respects BASE_URL and falls back to the local-bind mapping). Strips the port — cookie Domain= attributes don’t include ports. Returns None when subdomain routing is off, the base host is empty, or the base host is an IP / bare localhost (browsers reject cross-host cookies for those).

archivebox.core.middleware.detect_timezone(request, activate: bool = True)[source]

archivebox.core.middleware.TimezoneMiddleware(get_response)[source]

archivebox.core.middleware.CacheControlMiddleware(get_response)[source]

archivebox.core.middleware.ServerSecurityModeMiddleware(get_response)[source]

archivebox.core.middleware.HostRoutingMiddleware(get_response)[source]

class archivebox.core.middleware.ReverseProxyAuthMiddleware[source]

Bases: django.contrib.auth.middleware.RemoteUserMiddleware

header[source]: ‘HTTP_REMOTE_USER’

process_request(request)[source]

archivebox.core.middleware