Flask - (3)

Http responses with flask

2019-12-25
by cS


The Flask object gives us a couple of decorators that we can use to toggle with the request after and before in its life cycle.

from flask import response
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Attaching some headers to the response

headers = {
    'X-Frame-Options'           : 'deny',
    'X-Content-Type-Options'    : 'nosniff',
    'X-XSS-Protection'          : '1; mode=block',
    'Strict-Transport-Security' : 'max-age=31536000; includeSubdomains; preload'
}

@app.after_request
def toggle_headers(response):

    # there are other ways, like updating the headers.
    for key, value in  headers.items():
        response.headers[key] = value
    return response

To assert that the headers have been set to the response in most Unix consoles we can do.

curl -I http://127.0.0.1:8080 --progress-bar