Login

Another JsonResponse

Author:
kcarnold
Posted:
June 13, 2008
Language:
Python
Version:
.96
Tags:
json response jsonresponse
Score:
2 (after 2 ratings)

Another JsonResponse class, including comment wrapping. Extensions to other kinds of CSRF protection should be obvious. Good explanations of why such protections are needed would make excellent comments on this snippet.

This depends on the json_encode method in snippet 800.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
from snippet 800 import json_encode

from django.http import HttpResponse
class JsonResponse(HttpResponse):
    '''Like an HttpResponse, but encodes the data as JSON.
    The file-like operations probably won't do what you want.'''
    def __init__(self, obj, comment=True, **kw):
        json = json_encode(obj)
        if comment:
            # Put the JSON in comments to avoid CSRF issues:
            json = '/* %s */' % json
        super(JsonResponse, self).__init__(json, mimetype='application/json', **kw)

More like this

  1. Another means of updating a subset of a model's fields by insin 7 years, 4 months ago
  2. SignedForm: CSRF-protect forms with a hidden token field by exogen 6 years, 6 months ago
  3. Sanitize HTML filter with tag/attribute whitelist and XSS protection by harrym 5 years, 8 months ago
  4. Email on new comments by ubernostrum 7 years, 7 months ago
  5. JsonResponse by zakj 7 years, 12 months ago

Comments

Please login first before commenting.