Represents the non-IO parts of an HTTP response, specifically the status and headers but not the body. This class is not meant for general use. It should only be used when implementing WSGI, ASGI, or another HTTP application spec. Werkzeug provides a WSGI implementation at :cls:`werkzeug.wrappers.Response`. :param status: The status code for the response. Either an int, in which case the default status message is added, or a string in the form ``{code} {message}``, like ``404 Not Found``. Defaults to 200. :param headers: A :class:`~werkzeug.datastructures.Headers` object, or a list of ``(key, value)`` tuples that will be converted to a ``Headers`` object. :param mimetype: The mime type (content type without charset or other parameters) of the response. If the value starts with ``text/`` (or matches some other special cases), the charset will be added to create the ``content_type``. :param content_type: The full content type of the response. Overrides building the value from ``mimetype``. .. versionadded:: 2.0
Method | __init__ |
Undocumented |
Method | __repr__ |
Undocumented |
Method | access |
Undocumented |
Method | content |
Undocumented |
Method | content |
Undocumented |
Method | content |
Undocumented |
Method | delete |
Delete a cookie. Fails silently if key doesn't exist. |
Method | get |
Return a tuple in the form ``(etag, is_weak)``. If there is no ETag the return value is ``(None, None)``. |
Method | mimetype |
Undocumented |
Method | retry |
Undocumented |
Method | set |
Sets a cookie. |
Method | set |
Set the etag, and override the old one if there was one. |
Method | status |
Undocumented |
Method | status |
Undocumented |
Class Variable | accept |
Undocumented |
Class Variable | access |
Undocumented |
Class Variable | access |
Undocumented |
Class Variable | access |
Undocumented |
Class Variable | access |
Undocumented |
Class Variable | access |
Undocumented |
Class Variable | age |
Undocumented |
Class Variable | allow |
Undocumented |
Class Variable | charset |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | content |
Undocumented |
Class Variable | cross |
Undocumented |
Class Variable | cross |
Undocumented |
Class Variable | date |
Undocumented |
Class Variable | default |
Undocumented |
Class Variable | default |
Undocumented |
Class Variable | expires |
Undocumented |
Class Variable | last |
Undocumented |
Class Variable | location |
Undocumented |
Class Variable | max |
Undocumented |
Class Variable | vary |
Undocumented |
Instance Variable | headers |
Undocumented |
Property | access |
Whether credentials can be shared by the browser to JavaScript code. As part of the preflight request it indicates whether credentials can be used on the cross origin request. |
Property | cache |
The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. |
Property | content |
The ``Content-Range`` header as a :class:`~werkzeug.datastructures.ContentRange` object. Available even if the header is not set. |
Property | content |
The ``Content-Security-Policy`` header as a :class:`~werkzeug.datastructures.ContentSecurityPolicy` object. Available even if the header is not set. |
Property | content |
The ``Content-Security-policy-report-only`` header as a :class:`~werkzeug.datastructures.ContentSecurityPolicy` object. Available even if the header is not set. |
Property | is |
Check if the mimetype indicates JSON data, either :mimetype:`application/json` or :mimetype:`application/*+json`. |
Property | mimetype |
The mimetype (content type without charset etc.) |
Property | mimetype |
The mimetype parameters as dict. For example if the content type is ``text/html; charset=utf-8`` the params would be ``{'charset': 'utf-8'}``. |
Property | retry |
The Retry-After response-header field can be used with a 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to the requesting client. |
Property | status |
The HTTP status code as a string. |
Property | status |
The HTTP status code as a number. |
Property | www |
The ``WWW-Authenticate`` header in a parsed form. |
Method | _clean |
Undocumented |
Instance Variable | _status |
Undocumented |
Instance Variable | _status |
Undocumented |
t.Optional[ t.Union[ int, str, HTTPStatus]]
= None, headers: t.Optional[ t.Union[ t.Mapping[ str, t.Union[ str, int, t.Iterable[ t.Union[ str, int]]]], t.Iterable[ t.Tuple[ str, t.Union[ str, int]]]]]
= None, mimetype: t.Optional[ str]
= None, content_type: t.Optional[ str]
= None):
(source)
¶
werkzeug.wrappers.response.Response
Undocumented
def access_control_allow_credentials(self, value:
t.Optional[ bool]
):
(source)
¶
Undocumented
def content_range(self, value:
t.Optional[ t.Union[ ContentRange, str]]
):
(source)
¶
Undocumented
def content_security_policy(self, value:
t.Optional[ t.Union[ ContentSecurityPolicy, str]]
):
(source)
¶
Undocumented
def content_security_policy_report_only(self, value:
t.Optional[ t.Union[ ContentSecurityPolicy, str]]
):
(source)
¶
Undocumented
str
, path: str
= '/', domain: t.Optional[ str]
= None, secure: bool
= False, httponly: bool
= False, samesite: t.Optional[ str]
= None):
(source)
¶
Delete a cookie. Fails silently if key doesn't exist. :param key: the key (name) of the cookie to be deleted. :param path: if the cookie that should be deleted was limited to a path, the path has to be defined here. :param domain: if the cookie that should be deleted was limited to a domain, that domain has to be defined here. :param secure: If ``True``, the cookie will only be available via HTTPS. :param httponly: Disallow JavaScript access to the cookie. :param samesite: Limit the scope of the cookie to only be attached to requests that are "same-site".
Return a tuple in the form ``(etag, is_weak)``. If there is no ETag the return value is ``(None, None)``.
def retry_after(self, value:
t.Optional[ t.Union[ datetime, int, str]]
):
(source)
¶
Undocumented
str
, value: str
= '', max_age: t.Optional[ t.Union[ timedelta, int]]
= None, expires: t.Optional[ t.Union[ str, datetime, int, float]]
= None, path: t.Optional[ str]
= '/', domain: t.Optional[ str]
= None, secure: bool
= False, httponly: bool
= False, samesite: t.Optional[ str]
= None):
(source)
¶
Sets a cookie. A warning is raised if the size of the cookie header exceeds :attr:`max_cookie_size`, but the header will still be set. :param key: the key (name) of the cookie to be set. :param value: the value of the cookie. :param max_age: should be a number of seconds, or `None` (default) if the cookie should last only as long as the client's browser session. :param expires: should be a `datetime` object or UNIX timestamp. :param path: limits the cookie to a given path, per default it will span the whole domain. :param domain: if you want to set a cross-domain cookie. For example, ``domain=".example.com"`` will set a cookie that is readable by the domain ``www.example.com``, ``foo.example.com`` etc. Otherwise, a cookie will only be readable by the domain that set it. :param secure: If ``True``, the cookie will only be available via HTTPS. :param httponly: Disallow JavaScript access to the cookie. :param samesite: Limit the scope of the cookie to only be attached to requests that are "same-site".
Whether credentials can be shared by the browser to JavaScript code. As part of the preflight request it indicates whether credentials can be used on the cross origin request.
The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain.
werkzeug.wrappers.response.Response
The ``Content-Range`` header as a :class:`~werkzeug.datastructures.ContentRange` object. Available even if the header is not set. .. versionadded:: 0.7
The ``Content-Security-Policy`` header as a :class:`~werkzeug.datastructures.ContentSecurityPolicy` object. Available even if the header is not set. The Content-Security-Policy header adds an additional layer of security to help detect and mitigate certain types of attacks.
The ``Content-Security-policy-report-only`` header as a :class:`~werkzeug.datastructures.ContentSecurityPolicy` object. Available even if the header is not set. The Content-Security-Policy-Report-Only header adds a csp policy that is not enforced but is reported thereby helping detect certain types of attacks.
Check if the mimetype indicates JSON data, either :mimetype:`application/json` or :mimetype:`application/*+json`.
The mimetype parameters as dict. For example if the content type is ``text/html; charset=utf-8`` the params would be ``{'charset': 'utf-8'}``. .. versionadded:: 0.5
The Retry-After response-header field can be used with a 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to the requesting client. Time in seconds until expiration or date. .. versionchanged:: 2.0 The datetime object is timezone-aware.