MCPcopy
hub / github.com/django/django / process_response

Method process_response

django/middleware/security.py:33–66  ·  view source on GitHub ↗
(self, request, response)

Source from the content-addressed store, hash-verified

31 )
32
33 def process_response(self, request, response):
34 if (
35 self.sts_seconds
36 and request.is_secure()
37 and "Strict-Transport-Security" not in response
38 ):
39 sts_header = "max-age=%s" % self.sts_seconds
40 if self.sts_include_subdomains:
41 sts_header += "; includeSubDomains"
42 if self.sts_preload:
43 sts_header += "; preload"
44 response.headers["Strict-Transport-Security"] = sts_header
45
46 if self.content_type_nosniff:
47 response.headers.setdefault("X-Content-Type-Options", "nosniff")
48
49 if self.referrer_policy:
50 # Support a comma-separated string or iterable of values to allow
51 # fallback.
52 response.headers.setdefault(
53 "Referrer-Policy",
54 ",".join(
55 [v.strip() for v in self.referrer_policy.split(",")]
56 if isinstance(self.referrer_policy, str)
57 else self.referrer_policy
58 ),
59 )
60
61 if self.cross_origin_opener_policy:
62 response.setdefault(
63 "Cross-Origin-Opener-Policy",
64 self.cross_origin_opener_policy,
65 )
66 return response

Callers

nothing calls this directly

Calls 4

is_secureMethod · 0.45
setdefaultMethod · 0.45
joinMethod · 0.45
splitMethod · 0.45

Tested by

no test coverage detected