search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
App Engine Python SDK version 1.7.4 (2)
[gae.git] / python / lib / django_1_4 / django / views / decorators / clickjacking.py
blobfcd78871ddb4e34521b6b3335d89d5680d6f57af
1 from functools import wraps
2
3 from django.utils.decorators import available_attrs
4
5
6 def xframe_options_deny(view_func):
7 """
8 Modifies a view function so its response has the X-Frame-Options HTTP
9 header set to 'DENY' as long as the response doesn't already have that
10 header set.
11
12 e.g.
13
14 @xframe_options_deny
15 def some_view(request):
16 ...
17
18 """
19 def wrapped_view(*args, **kwargs):
20 resp = view_func(*args, **kwargs)
21 if resp.get('X-Frame-Options', None) is None:
22 resp['X-Frame-Options'] = 'DENY'
23 return resp
24 return wraps(view_func, assigned=available_attrs(view_func))(wrapped_view)
25
26
27 def xframe_options_sameorigin(view_func):
28 """
29 Modifies a view function so its response has the X-Frame-Options HTTP
30 header set to 'SAMEORIGIN' as long as the response doesn't already have
31 that header set.
32
33 e.g.
34
35 @xframe_options_sameorigin
36 def some_view(request):
37 ...
38
39 """
40 def wrapped_view(*args, **kwargs):
41 resp = view_func(*args, **kwargs)
42 if resp.get('X-Frame-Options', None) is None:
43 resp['X-Frame-Options'] = 'SAMEORIGIN'
44 return resp
45 return wraps(view_func, assigned=available_attrs(view_func))(wrapped_view)
46
47
48 def xframe_options_exempt(view_func):
49 """
50 Modifies a view function by setting a response variable that instructs
51 XFrameOptionsMiddleware to NOT set the X-Frame-Options HTTP header.
52
53 e.g.
54
55 @xframe_options_exempt
56 def some_view(request):
57 ...
58
59 """
60 def wrapped_view(*args, **kwargs):
61 resp = view_func(*args, **kwargs)
62 resp.xframe_options_exempt = True
63 return resp
64 return wraps(view_func, assigned=available_attrs(view_func))(wrapped_view)
google appengine git mirror