#17942: JSONResponse class for API responses
-------------------------------+-------------------------------------------
Reporter: leahculver | Owner: LukaszBalcerzak
Type: New feature | Status: assigned
Component: HTTP handling | Version: master
Severity: Normal | Resolution:
Keywords: dceu13 | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 0 | UI/UX: 0
-------------------------------+-------------------------------------------
Changes (by erikr):
* cc: eromijn@… (added)
* keywords: => dceu13
* needs_better_patch: 0 => 1
Comment:
I haven't done a very thorough review right now, but I do notice a few
issues:
* Is the adding of JSON_RESPONSE_DEFAULT_ENCODER really essential? In
general, we try not to add new settings unless it is really needed. For
this configuration, which can also be done when creating each
JSONResponse, I would not add a global setting at this time. We can always
add it later, but if we add it now it will be very difficult to remove it
at a later time.
* I don't entirely understand JSON_RESPONSE_ALLOW_DICTS_ONLY. For who is
there an attack vector against who when Array() is poisoned? In other
words, what risk/breakage is introduced by setting this to False?
* I'm not entirely convinced that in `_default_content_type`, the
underscore is appropriate. Although I see the point from Python
conventions, I rarely see the single underscore prefix in Django, so
perhaps there is some intention not to use this in Django.
* The documentation text doesn't seem to flow very well. It's difficult
for me to point out exactly what my issue with it is - I'll happily modify
it for you, but I'm not able to do that right now.
* As far as I know, we have just adopted the plan to make all code samples
in Django include their import path. I am not 100% sure of this. If this
is the case, it would be good to add them to this patch too.
--
Ticket URL: <https://code.djangoproject.com/ticket/17942#comment:7>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
