JsonResponse class, including comment wrapping. Extensions to other kinds of CSRF protection should be obvious. Good explanations of why such protections are needed would make excellent comments on this snippet.
This depends on the
json_encode method in snippet 800.
1 2 3 4 5 6 7 8 9 10 11 12
from snippet 800 import json_encode from django.http import HttpResponse class JsonResponse(HttpResponse): '''Like an HttpResponse, but encodes the data as JSON. The file-like operations probably won't do what you want.''' def __init__(self, obj, comment=True, **kw): json = json_encode(obj) if comment: # Put the JSON in comments to avoid CSRF issues: json = '/* %s */' % json super(JsonResponse, self).__init__(json, mimetype='application/json', **kw)
More like this
- Serializer factory with Django Rest Framework by julio 5 months, 4 weeks ago
- Image compression before saving the new model / work with JPG, PNG by Schleidens 6 months, 2 weeks ago
- Help text hyperlinks by sa2812 7 months, 1 week ago
- Stuff by NixonDash 9 months, 2 weeks ago
- Add custom fields to the built-in Group model by jmoppel 11 months, 3 weeks ago