mirror of
https://github.com/encode/django-rest-framework.git
synced 2024-11-29 21:14:01 +03:00
Latest docs build
This commit is contained in:
parent
d2d1914e2e
commit
5e7547cd3f
|
@ -311,7 +311,10 @@ def user_count_view(request, format=None):
|
|||
<h2 id="jsonprenderer">JSONPRenderer</h2>
|
||||
<p>Renders the request data into <code>JSONP</code>. The <code>JSONP</code> media type provides a mechanism of allowing cross-domain AJAX requests, by wrapping a <code>JSON</code> response in a javascript callback.</p>
|
||||
<p>The javascript callback function must be set by the client including a <code>callback</code> URL query parameter. For example <code>http://example.com/api/users?callback=jsonpCallback</code>. If the callback function is not explicitly set by the client it will default to <code>'callback'</code>.</p>
|
||||
<p><strong>Note</strong>: If you require cross-domain AJAX requests, you may want to consider using the more modern approach of <a href="http://www.w3.org/TR/cors/">CORS</a> as an alternative to <code>JSONP</code>. See the <a href="../topics/ajax-csrf-cors">CORS documentation</a> for more details.</p>
|
||||
<hr />
|
||||
<p><strong>Warning</strong>: If you require cross-domain AJAX requests, you should almost certainly be using the more modern approach of <a href="http://www.w3.org/TR/cors/">CORS</a> as an alternative to <code>JSONP</code>. See the <a href="../topics/ajax-csrf-cors">CORS documentation</a> for more details.</p>
|
||||
<p>The <code>jsonp</code> approach is essentially a browser hack, and is <a href="http://stackoverflow.com/questions/613962/is-jsonp-safe-to-use">only appropriate for globally readable API endpoints</a>, where <code>GET</code> requests are unauthenticated and do not require any user permissions.</p>
|
||||
<hr />
|
||||
<p><strong>.media_type</strong>: <code>application/javascript</code></p>
|
||||
<p><strong>.format</strong>: <code>'.jsonp'</code></p>
|
||||
<p><strong>.charset</strong>: <code>utf-8</code></p>
|
||||
|
|
|
@ -298,9 +298,9 @@ This method is used to enforce permissions and throttling, and perform content n
|
|||
def hello_world(request):
|
||||
return Response({"message": "Hello, world!"})
|
||||
</code></pre>
|
||||
<p>This view will use the default renderers, parsers, authentication classes etc specified in the <a href="api-guide/settings">settings</a>.</p>
|
||||
<p>This view will use the default renderers, parsers, authentication classes etc specified in the <a href="settings">settings</a>.</p>
|
||||
<h2 id="api-policy-decorators">API policy decorators</h2>
|
||||
<p>To override the default settings, REST framework provides a set of additional decorators which can be added to your views. These must come <em>after</em> (below) the <code>@api_view</code> decorator. For example, to create a view that uses a <a href="api-guide/throttling">throttle</a> to ensure it can only be called once per day by a particular user, use the <code>@throttle_classes</code> decorator, passing a list of throttle classes:</p>
|
||||
<p>To override the default settings, REST framework provides a set of additional decorators which can be added to your views. These must come <em>after</em> (below) the <code>@api_view</code> decorator. For example, to create a view that uses a <a href="throttling">throttle</a> to ensure it can only be called once per day by a particular user, use the <code>@throttle_classes</code> decorator, passing a list of throttle classes:</p>
|
||||
<pre class="prettyprint lang-py"><code>from rest_framework.decorators import api_view, throttle_classes
|
||||
from rest_framework.throttling import UserRateThrottle
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user