- June 13, 2008
- json response jsonresponse
- 2 (after 2 ratings)
JsonResponse class, including comment wrapping. Extensions to other kinds of CSRF protection should be obvious. Good explanations of why such protections are needed would make excellent comments on this snippet.
This depends on the
json_encode method in snippet 800.
1 2 3 4 5 6 7 8 9 10 11 12
from snippet 800 import json_encode from django.http import HttpResponse class JsonResponse(HttpResponse): '''Like an HttpResponse, but encodes the data as JSON. The file-like operations probably won't do what you want.''' def __init__(self, obj, comment=True, **kw): json = json_encode(obj) if comment: # Put the JSON in comments to avoid CSRF issues: json = '/* %s */' % json super(JsonResponse, self).__init__(json, mimetype='application/json', **kw)
More like this
- Another means of updating a subset of a model's fields by insin 8 years, 5 months ago
- SignedForm: CSRF-protect forms with a hidden token field by exogen 7 years, 7 months ago
- JsonResponse by zakj 9 years ago
- Sanitize HTML filter with tag/attribute whitelist and XSS protection by harrym 6 years, 9 months ago
- Email on new comments by ubernostrum 8 years, 8 months ago