Why is "django.core.context_processors.request" not enabled by default?

Question

I was troubleshooting a problem with obtaining the request obj with a new project and realized "django.core.context_processors.request" was commented in vanilla installs of Django.

Like the title suggests, why would this seemingly helpful context processor be turned off by default?

• Is it an issue with performance?
• Is it an issue with security?
• Is it somehow redundant?

Some mild searching has not turned up anything for me, but I thought I'd ask here.

Answer 1

This is a good question. The docs say Note that this processor is not enabled by default; you’ll have to activate it. but no explanation.

My take on it is due to django's intense desire to separate view logic from the template.

The request object is the gateway to all data that view logic is built from (given what the browser sent us, do X, Y, Z) - therefore allowing it in the templates is akin to giving the template huge amounts of control which should be placed in the view under normal circumstances. The idea is to populate the template context with specifics, not everything.

Removing them is just some more encouragement that "most things should be done in the view". The common django.contrib apps mostly don't rely on it, if it's not required by default.

And of course, that's further proof the request object isn't necessary in the template except for special use cases.

That's my take, anyways.