JsonResponse class, including comment wrapping. Extensions to other kinds of CSRF protection should be obvious. Good explanations of why such protections are needed would make excellent comments on this snippet.
This depends on the
json_encode method in snippet 800.
1 2 3 4 5 6 7 8 9 10 11 12
from snippet 800 import json_encode from django.http import HttpResponse class JsonResponse(HttpResponse): '''Like an HttpResponse, but encodes the data as JSON. The file-like operations probably won't do what you want.''' def __init__(self, obj, comment=True, **kw): json = json_encode(obj) if comment: # Put the JSON in comments to avoid CSRF issues: json = '/* %s */' % json super(JsonResponse, self).__init__(json, mimetype='application/json', **kw)
More like this
- codigo alto nivel by MrRocklion 1 month ago
- Load template from specific app by Krzysiek555 1 month, 3 weeks ago
- PostgreSQL JSON subqueries by dolamroth 1 month, 3 weeks ago
- "Magic Link" Management Command by webology 7 months ago
- Closest ORM models to a latitude/longitude point by simonw 7 months ago