Django Utils

This document covers all stable modules in django.utils. Most of the modules in django.utils are designed for internal use and only the following parts can be considered stable and thus backwards compatible as per the internal release deprecation policy.


This module contains helper functions for controlling HTTP caching. It does so by managing the Vary header of responses. It includes functions to patch the header of response objects directly and decorators that change functions to do that header-patching themselves.

For information on the Vary header, see RFC 7231#section-7.1.4.

Essentially, the Vary HTTP header defines which headers a cache should take into account when building its cache key. Requests with the same path but different header content for headers named in Vary need to get different cache keys to prevent delivery of wrong content.

For example, internationalization middleware would need to distinguish caches by the Accept-language header.

patch_cache_control(response, **kwargs)

This function patches the Cache-Control header by adding all keyword arguments to it. The transformation is as follows:

  • All keyword parameter names are turned to lowercase, and underscores are converted to hyphens.
  • If the value of a parameter is True (exactly True, not just a true value), only the parameter name is added to the header.
  • All other parameters are added with their value, after applying str() to it.

Returns the max-age from the response Cache-Control header as an integer (or None if it wasn't found or wasn't an integer).

patch_response_headers(response, cache_timeout=None)

Adds some useful headers to the given HttpResponse object:

  • Expires
  • Cache-Control

Each header is only added if it isn't already set.

cache_timeout is in seconds. The CACHE_MIDDLEWARE_SECONDS setting is used by default.


Adds an Expires header to the current date/time.

Adds a Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private header to a response to indicate that a page should never be cached.

Each header is only added if it isn't already set.

patch_vary_headers(response, newheaders)

Adds (or updates) the Vary header in the given HttpResponse object. newheaders is a list of header names that should be in Vary. If headers contains an asterisk, then Vary header will consist of a single asterisk '*', according to RFC 7231#section-7.1.4. Otherwise, existing headers in Vary aren't removed.

get_cache_key(request, key_prefix=None, method='GET', cache=None)

Returns a cache key based on the request path. It can be used in the request phase because it pulls the list of headers to take into account from the global path registry and uses those to build a cache key to check against.

If there is no headerlist stored, the page needs to be rebuilt, so this function returns None.

learn_cache_key(request, response, cache_timeout=None, key_prefix=None, cache=None)

Learns what headers to take into account for some request path from the response object. It stores those headers in a global path registry so that later access to that path will know what headers to take into account without building the response object itself. The headers are named in the Vary header of the response, but we want to prevent response generation.

The list of headers to use for cache key generation is stored in the same cache as the pages themselves. If the cache ages some data out of the cache, this means that we have to build the response once to get at the Vary header and so at the list of headers to use for the cache key.


The functions defined in this module share the following properties:

  • They accept strings in ISO 8601 date/time formats (or some close alternatives) and return objects from the corresponding classes in Python's datetime module.
  • They raise ValueError if their input is well formatted but isn't a valid date or time.
  • They return None if it isn't well formatted at all.
  • They accept up to picosecond resolution in input, but they truncate it to microseconds, since that's what Python supports.

Parses a string and returns a


Parses a string and returns a datetime.time.

UTC offsets aren't supported; if value describes one, the result is None.


Parses a string and returns a datetime.datetime.

UTC offsets are supported; if value describes one, the result's tzinfo attribute is a datetime.timezone instance.


Parses a string and returns a datetime.timedelta.

Expects data in the format "DD HH:MM:SS.uuuuuu", "DD HH:MM:SS,uuuuuu", or as specified by ISO 8601 (e.g. P4DT1H15M20S which is equivalent to 4 1:15:20) or PostgreSQL's day-time interval format (e.g. 3 days 04:05:06).


method_decorator(decorator, name='')[ソース]

Converts a function decorator into a method decorator. It can be used to decorate methods or classes; in the latter case, name is the name of the method to be decorated and is required.

decorator may also be a list or tuple of functions. They are wrapped in reverse order so that the call order is the order in which the functions appear in the list/tuple.

See decorating class based views for example usage.


Given a middleware class, returns a view decorator. This lets you use middleware functionality on a per-view basis. The middleware is created with no params passed.

It assumes middleware that's compatible with the old style of Django 1.9 and earlier (having methods like process_request(), process_exception(), and process_response()).


Like decorator_from_middleware, but returns a function that accepts the arguments to be passed to the middleware_class. For example, the cache_page() decorator is created from the CacheMiddleware like this:

cache_page = decorator_from_middleware_with_args(CacheMiddleware)

def my_view(request):

Marks a middleware as synchronous-only. (The default in Django, but this allows you to future-proof if the default ever changes in a future release.)


Marks a middleware as asynchronous-only. Django will wrap it in an asynchronous event loop when it is called from the WSGI request path.


Marks a middleware as sync and async compatible, this allows to avoid converting requests. You must implement detection of the current request type to use this decorator. See asynchronous middleware documentation for details.


smart_str(s, encoding='utf-8', strings_only=False, errors='strict')[ソース]

Returns a str object representing arbitrary object s. Treats bytestrings using the encoding codec.

If strings_only is True, don't convert (some) non-string-like objects.


Determine if the object instance is of a protected type.

Objects of protected types are preserved as-is when passed to force_str(strings_only=True).

force_str(s, encoding='utf-8', strings_only=False, errors='strict')[ソース]

Similar to smart_str(), except that lazy instances are resolved to strings, rather than kept as lazy objects.

If strings_only is True, don't convert (some) non-string-like objects.

smart_bytes(s, encoding='utf-8', strings_only=False, errors='strict')[ソース]

Returns a bytestring version of arbitrary object s, encoded as specified in encoding.

If strings_only is True, don't convert (some) non-string-like objects.

force_bytes(s, encoding='utf-8', strings_only=False, errors='strict')[ソース]

Similar to smart_bytes, except that lazy instances are resolved to bytestrings, rather than kept as lazy objects.

If strings_only is True, don't convert (some) non-string-like objects.


Convert an Internationalized Resource Identifier (IRI) portion to a URI portion that is suitable for inclusion in a URL.

This is the algorithm from section 3.1 of RFC 3987#section-3.1, slightly simplified since the input is assumed to be a string rather than an arbitrary byte stream.

Takes an IRI (string or UTF-8 bytes) and returns a string containing the encoded result.


Converts a Uniform Resource Identifier into an Internationalized Resource Identifier.

This is an algorithm from section 3.2 of RFC 3987#section-3.2.

Takes a URI in ASCII bytes and returns a string containing the encoded result.


Convert a file system path to a URI portion that is suitable for inclusion in a URL. The path is assumed to be either UTF-8 bytes, string, or a Path.

This method will encode certain characters that would normally be recognized as special characters for URIs. Note that this method does not encode the ' character, as it is a valid character within URIs. See encodeURIComponent() JavaScript function for more details.

Returns an ASCII string containing the encoded result.


Escapes the unsafe characters from the path portion of a Uniform Resource Identifier (URI).



>>> from django.utils import feedgenerator
>>> feed = feedgenerator.Rss201rev2Feed(
...     title="Poynter E-Media Tidbits",
...     link="",
...     description="A group blog by the sharpest minds in online media/journalism/publishing.",
...     language="en",
... )
>>> feed.add_item(
...     title="Hello",
...     link="",
...     description="Testing.",
... )
>>> with open('test.rss', 'w') as fp:
...     feed.write(fp, 'utf-8')

For simplifying the selection of a generator use feedgenerator.DefaultFeed which is currently Rss201rev2Feed

For definitions of the different versions of RSS, see:

get_tag_uri(url, date)

Creates a TagURI.



class SyndicationFeed

Base class for all syndication feeds. Subclasses should provide write().

__init__(title, link, description, language=None, author_email=None, author_name=None, author_link=None, subtitle=None, categories=None, feed_url=None, feed_copyright=None, feed_guid=None, ttl=None, **kwargs)

Initialize the feed with the given dictionary of metadata, which applies to the entire feed.

Any extra keyword arguments you pass to __init__ will be stored in self.feed.

All parameters should be strings, except categories, which should be a sequence of strings.

add_item(title, link, description, author_email=None, author_name=None, author_link=None, pubdate=None, comments=None, unique_id=None, categories=(), item_copyright=None, ttl=None, updateddate=None, enclosures=None, **kwargs)

Adds an item to the feed. All args are expected to be strings except pubdate and updateddate, which are datetime.datetime objects, and enclosures, which is a list of Enclosure instances.


Return extra attributes to place on the root (i.e. feed/channel) element. Called from write().


Add elements in the root (i.e. feed/channel) element. Called from write().


Return extra attributes to place on each item (i.e. item/entry) element.

add_item_elements(handler, item)

Add elements on each item (i.e. item/entry) element.

write(outfile, encoding)

Outputs the feed in the given encoding to outfile, which is a file-like object. Subclasses should override this.


Returns the feed in the given encoding as a string.


Returns the latest pubdate or updateddate for all items in the feed. If no items have either of these attributes this returns the current UTC date/time.


class Enclosure

Represents an RSS enclosure


class RssFeed(SyndicationFeed)


class Rss201rev2Feed(RssFeed)



class RssUserland091Feed(RssFeed)



class Atom1Feed(SyndicationFeed)

Spec: RFC 4287


class cached_property(func, name=None)[ソース]

The @cached_property decorator caches the result of a method with a single self argument as a property. The cached result will persist as long as the instance does, so if the instance is passed around and the function subsequently invoked, the cached result will be returned.

Consider a typical case, where a view might need to call a model's method to perform some computation, before placing the model instance into the context, where the template might invoke the method once more:

# the model
class Person(models.Model):

    def friends(self):
        # expensive computation
        return friends

# in the view:
if person.friends():

And in the template you would have:

{% for friend in person.friends %}

Here, friends() will be called twice. Since the instance person in the view and the template are the same, decorating the friends() method with @cached_property can avoid that:

from django.utils.functional import cached_property

class Person(models.Model):

    def friends(self):

Note that as the method is now a property, in Python code it will need to be accessed appropriately:

# in the view:
if person.friends:

The cached value can be treated like an ordinary attribute of the instance:

# clear it, requiring re-computation next time it's called
del person.friends # or delattr(person, "friends")

# set a value manually, that will persist on the instance until cleared
person.friends = ["Huckleberry Finn", "Tom Sawyer"]

Because of the way the descriptor protocol works, using del (or delattr) on a cached_property that hasn't been accessed raises AttributeError.

As well as offering potential performance advantages, @cached_property can ensure that an attribute's value does not change unexpectedly over the life of an instance. This could occur with a method whose computation is based on, or if a change were saved to the database by some other process in the brief interval between subsequent invocations of a method on the same instance.

You can make cached properties of methods. For example, if you had an expensive get_friends() method and wanted to allow calling it without retrieving the cached value, you could write:

friends = cached_property(get_friends)

While person.get_friends() will recompute the friends on each call, the value of the cached property will persist until you delete it as described above:

x = person.friends         # calls first time
y = person.get_friends()   # calls again
z = person.friends         # does not call
x is z                     # is True
class classproperty(method=None)[ソース]

Similar to @classmethod, the @classproperty decorator converts the result of a method with a single cls argument into a property that can be accessed directly from the class.

keep_lazy(func, *resultclasses)[ソース]

Django offers many utility functions (particularly in django.utils) that take a string as their first argument and do something to that string. These functions are used by template filters as well as directly in other code.

If you write your own similar functions and deal with translations, you'll face the problem of what to do when the first argument is a lazy translation object. You don't want to convert it to a string immediately, because you might be using this function outside of a view (and hence the current thread's locale setting will not be correct).

For cases like this, use the django.utils.functional.keep_lazy() decorator. It modifies the function so that if it's called with a lazy translation as one of its arguments, the function evaluation is delayed until it needs to be converted to a string.


from django.utils.functional import keep_lazy, keep_lazy_text

def fancy_utility_function(s, ...):
    # Do some conversion on string 's'
fancy_utility_function = keep_lazy(str)(fancy_utility_function)

# Or more succinctly:
def fancy_utility_function(s, ...):

The keep_lazy() decorator takes a number of extra arguments (*args) specifying the type(s) that the original function can return. A common use case is to have functions that return text. For these, you can pass the str type to keep_lazy (or use the keep_lazy_text() decorator described in the next section).

Using this decorator means you can write your function and assume that the input is a proper string, then add support for lazy translation objects at the end.


A shortcut for keep_lazy(str)(func).

If you have a function that returns text and you want to be able to take lazy arguments while delaying their evaluation, you can use this decorator:

from django.utils.functional import keep_lazy, keep_lazy_text

# Our previous example was:
def fancy_utility_function(s, ...):

# Which can be rewritten as:
def fancy_utility_function(s, ...):


Usually you should build up HTML using Django's templates to make use of its autoescape mechanism, using the utilities in django.utils.safestring where appropriate. This module provides some additional low level utilities for escaping HTML.


Returns the given text with ampersands, quotes and angle brackets encoded for use in HTML. The input is first coerced to a string and the output has mark_safe() applied.


Similar to escape(), except that it doesn't operate on pre-escaped strings, so it will not double escape.

format_html(format_string, *args, **kwargs)[ソース]

This is similar to str.format(), except that it is appropriate for building up HTML fragments. All args and kwargs are passed through conditional_escape() before being passed to str.format().

For the case of building up small HTML fragments, this function is to be preferred over string interpolation using % or str.format() directly, because it applies escaping to all arguments - just like the template system applies escaping by default.

So, instead of writing:

mark_safe("%s <b>%s</b> %s" % (

You should instead use:

format_html("{} <b>{}</b> {}",

This has the advantage that you don't need to apply escape() to each argument and risk a bug and an XSS vulnerability if you forget one.

Note that although this function uses str.format() to do the interpolation, some of the formatting options provided by str.format() (e.g. number formatting) will not work, since all arguments are passed through conditional_escape() which (ultimately) calls force_str() on the values.

format_html_join(sep, format_string, args_generator)[ソース]

A wrapper of format_html(), for the common case of a group of arguments that need to be formatted using the same format string, and then joined using sep. sep is also passed through conditional_escape().

args_generator should be an iterator that returns the sequence of args that will be passed to format_html(). For example:

    '\n', "<li>{} {}</li>",
    ((u.first_name, u.last_name) for u in users)

Tries to remove anything that looks like an HTML tag from the string, that is anything contained within <>.

Absolutely NO guarantee is provided about the resulting string being HTML safe. So NEVER mark safe the result of a strip_tag call without escaping it first, for example with escape().



If value is "<b>Joel</b> <button>is</button> a <span>slug</span>" the return value will be "Joel is a slug".

If you are looking for a more robust solution, take a look at the bleach Python library.


The __html__() method on a class helps non-Django templates detect classes whose output doesn't require HTML escaping.

This decorator defines the __html__() method on the decorated class by wrapping __str__() in mark_safe(). Ensure the __str__() method does indeed return text that doesn't require HTML escaping.


urlencode(query, doseq=False)[ソース]

A version of Python's urllib.parse.urlencode() function that can operate on MultiValueDict and non-string values.


Formats the time to match the RFC 1123#section-5.2.14 date format as specified by HTTP RFC 7231#section-

Accepts a floating point number expressed in seconds since the epoch in UTC--such as that outputted by time.time(). If set to None, defaults to the current time.

Outputs a string in the format Wdy, DD Mon YYYY HH:MM:SS GMT.


Converts a base 36 string to an integer.


Converts a positive integer to a base 36 string.


Encodes a bytestring to a base64 string for use in URLs, stripping any trailing equal signs.


Decodes a base64 encoded string, adding back any trailing equal signs that might have been stripped.


Functions for working with Python modules.


Imports a dotted module path and returns the attribute/class designated by the last name in the path. Raises ImportError if the import failed. For example:

from django.utils.module_loading import import_string
ValidationError = import_string('django.core.exceptions.ValidationError')


from django.core.exceptions import ValidationError


Functions and classes for working with "safe strings": strings that can be displayed safely without further escaping in HTML. Marking something as a "safe string" means that the producer of the string has already turned characters that should not be interpreted by the HTML engine (e.g. '<') into the appropriate entities.

class SafeString[ソース]

A str subclass that has been specifically marked as "safe" (requires no further escaping) for HTML output purposes.


Explicitly mark a string as safe for (HTML) output purposes. The returned object can be used everywhere a string is appropriate.

Can be called multiple times on a single string.

Can also be used as a decorator.

For building up fragments of HTML, you should normally be using django.utils.html.format_html() instead.

String marked safe will become unsafe again if modified. For example:

>>> mystr = '<b>Hello World</b>   '
>>> mystr = mark_safe(mystr)
>>> type(mystr)
<class 'django.utils.safestring.SafeString'>

>>> mystr = mystr.strip()  # removing whitespace
>>> type(mystr)
<type 'str'>


format_lazy(format_string, *args, **kwargs)

A version of str.format() for when format_string, args, and/or kwargs contain lazy objects. The first argument is the string to be formatted. For example:

from django.utils.text import format_lazy
from django.utils.translation import pgettext_lazy

urlpatterns = [
    path(format_lazy('{person}/<int:pk>/', person=pgettext_lazy('URL', 'person')),

This example allows translators to translate part of the URL. If "person" is translated to "persona", the regular expression will match persona/(?P<pk>\d+)/$, e.g. persona/5/.

slugify(value, allow_unicode=False)[ソース]

Converts a string to a URL slug by:

  1. Converting to ASCII if allow_unicode is False (the default).
  2. Converting to lowercase.
  3. Removing characters that aren't alphanumerics, underscores, hyphens, or whitespace.
  4. Replacing any whitespace or repeated dashes with single dashes.
  5. Removing leading and trailing whitespace, dashes, and underscores.


>>> slugify(' Joel is a slug ')

If you want to allow Unicode characters, pass allow_unicode=True. For example:

>>> slugify('你好 World', allow_unicode=True)
Changed in Django 3.2:

In older versions, leading and trailing dashes and underscores are not removed.



tzinfo instance that represents UTC.


Returns a tzinfo instance that represents a time zone with a fixed offset from UTC.

offset is a datetime.timedelta or an integer number of minutes. Use positive values for time zones east of UTC and negative values for west of UTC.


Returns a tzinfo instance that represents the default time zone.


Returns the name of the default time zone.


Returns a tzinfo instance that represents the current time zone.


Returns the name of the current time zone.


Sets the current time zone. The timezone argument must be an instance of a tzinfo subclass or a time zone name.


Unsets the current time zone.


This is a Python context manager that sets the current time zone on entry with activate(), and restores the previously active time zone on exit. If the timezone argument is None, the current time zone is unset on entry with deactivate() instead.

override is also usable as a function decorator.

localtime(value=None, timezone=None)

Converts an aware datetime to a different time zone, by default the current time zone.

When value is omitted, it defaults to now().

This function doesn't work on naive datetimes; use make_aware() instead.

localdate(value=None, timezone=None)

Uses localtime() to convert an aware datetime to a date() in a different time zone, by default the current time zone.

When value is omitted, it defaults to now().

This function doesn't work on naive datetimes.


Returns a datetime that represents the current point in time. Exactly what's returned depends on the value of USE_TZ:

  • If USE_TZ is False, this will be a naive datetime (i.e. a datetime without an associated timezone) that represents the current time in the system's local timezone.
  • If USE_TZ is True, this will be an aware datetime representing the current time in UTC. Note that now() will always return times in UTC regardless of the value of TIME_ZONE; you can use localtime() to get the time in the current time zone.

Returns True if value is aware, False if it is naive. This function assumes that value is a datetime.


Returns True if value is naive, False if it is aware. This function assumes that value is a datetime.

make_aware(value, timezone=None, is_dst=None)

Returns an aware datetime that represents the same point in time as value in timezone, value being a naive datetime. If timezone is set to None, it defaults to the current time zone.

バージョン 4.0 で非推奨: When using pytz, the pytz.AmbiguousTimeError exception is raised if you try to make value aware during a DST transition where the same time occurs twice (when reverting from DST). Setting is_dst to True or False will avoid the exception by choosing if the time is pre-transition or post-transition respectively.

When using pytz, the pytz.NonExistentTimeError exception is raised if you try to make value aware during a DST transition such that the time never occurred. For example, if the 2:00 hour is skipped during a DST transition, trying to make 2:30 aware in that time zone will raise an exception. To avoid that you can use is_dst to specify how make_aware() should interpret such a nonexistent time. If is_dst=True then the above time would be interpreted as 2:30 DST time (equivalent to 1:30 local time). Conversely, if is_dst=False the time would be interpreted as 2:30 standard time (equivalent to 3:30 local time).

The is_dst parameter has no effect when using non-pytz timezone implementations.

The is_dst parameter is deprecated and will be removed in Django 5.0.

make_naive(value, timezone=None)

Returns a naive datetime that represents in timezone the same point in time as value, value being an aware datetime. If timezone is set to None, it defaults to the current time zone.


以下の使い方の完全な説明は、翻訳ドキュメント を参照してください。


Translates message and returns it as a string.

pgettext(context, message)[ソース]

Translates message given the context and returns it as a string.

詳しくは 文脈マーカー を参照してください。

pgettext_lazy(context, message)

上述の lazy ではないものと同じですが、遅延処理を使用します。

遅延翻訳ドキュメント を参照してください。


翻訳用に文字列をマークしますが、この段階では翻訳しません。(外部で使われる可能性があるため) ベースの言語のままにする必要があるグローバル変数に文字列を保持するために使えます。そして、後の時点で翻訳します。

ngettext(singular, plural, number)[ソース]

Translates singular and plural and returns the appropriate string based on number.

npgettext(context, singular, plural, number)[ソース]

Translates singular and plural and returns the appropriate string based on number and the context.

ngettext_lazy(singular, plural, number)[ソース]
npgettext_lazy(context, singular, plural, number)[ソース]

上述の lazy ではないものと同じですが、遅延処理を使用します。

遅延翻訳ドキュメント を参照してください。


渡された language に対して翻訳オブジェクトを取り出し、現在のスレッドに対してカレント翻訳オブジェクトとして有効化します。


カレント翻訳オブジェクトを無効化し、さらなる _ 呼び出しが再びデフォルトの翻訳オブジェクトに対して解決するようにします。


アクティブな翻訳オブジェクトを NullTranslations() のインスタンスにします。何らかの理由で遅延された翻訳を元の文字列で表示したいときに役立ちます。

override(language, deactivate=False)[ソース]

A Python context manager that uses django.utils.translation.activate() to fetch the translation object for a given language, activates it as the translation object for the current thread and reactivates the previous active language on exit. Optionally, it can deactivate the temporary translation on exit with django.utils.translation.deactivate() if the deactivate argument is True. If you pass None as the language argument, a NullTranslations() instance is activated within the context.

override is also usable as a function decorator.


与えられた言語コード (例えば 'fr' や 'pt_BR') に対するグローバル言語ファイルが存在するかどうかをチェックします。ユーザーが提供する言語が有効かどうかを決めるために使われます。


現在選択中の言語コードを返します。翻訳が (deactivate_all()Noneoverride() に渡されることによって) 一時的に無効化されている場合は None を返します。


選択中の言語の BiDi レイアウトを返します:

  • False = 左から右へのレイアウト
  • True = 右から左へのレイアウト
get_language_from_request(request, check_path=False)[ソース]

リクエストを分析して、ユーザがシステムにどの言語を表示させたいかを明らかにします。settings.LANGUAGES にリストアップされている言語のみが考慮されます。ユーザが主言語の他に副言語をリクエストする場合は、主言語が送信されます。

check_pathTrue の場合、関数はまず、パスが LANGUAGES 設定にリストアップされた言語コードで始まるかどうか、リクエストされた URL をチェックします。

get_supported_language_variant(lang_code, strict=False)[ソース]

Returns lang_code if it's in the LANGUAGES setting, possibly selecting a more generic variant. For example, 'es' is returned if lang_code is 'es-ar' and 'es' is in LANGUAGES but 'es-ar' isn't.

If strict is False (the default), a country-specific variant may be returned when neither the language code nor its generic variant is found. For example, if only 'es-co' is in LANGUAGES, that's returned for lang_codes like 'es' and 'es-ar'. Those matches aren't returned if strict=True.

Raises LookupError if nothing is found.


言語の名前 (en-us) をロケール名 (en_US) に変換します。


Django テンプレートを xgettext によって理解されるものに変更します。Django 翻訳タグを標準的な gettext 関数の文に変換することによって行われます。