class Response:
Represents the non-IO parts of an HTTP response, specifically the status and headers but not the body.
This class is not meant for general use. It should only be used when implementing WSGI, ASGI, or another HTTP application spec. Werkzeug provides a WSGI implementation at :cls:`werkzeug.wrappers.Response`.
| Parameters | |
| status | The status code for the response. Either an int, in which case the default status message is added, or a string in the form {code} {message}, like 404 Not Found. Defaults to 200. |
| headers | A ~werkzeug.datastructures.Headers object,
or a list of (key, value) tuples that will be converted to a
Headers object. |
| mimetype | The mime type (content type without charset or other parameters) of the response. If the value starts with text/ (or matches some other special cases), the charset will be added to create the content_type. |
| content_type | The full content type of the response. Overrides building the value from mimetype. |
| Method | __init__ |
Undocumented |
| Method | __repr__ |
Undocumented |
| Method | access_control_allow_credentials.setter |
Undocumented |
| Method | content_range.setter |
Undocumented |
| Method | content_security_policy.setter |
Undocumented |
| Method | content_security_policy_report_only.setter |
Undocumented |
| Method | delete_cookie |
Delete a cookie. Fails silently if key doesn't exist. |
| Method | get_etag |
Return a tuple in the form (etag, is_weak). If there is no ETag the return value is (None, None). |
| Method | mimetype.setter |
Undocumented |
| Method | retry_after.setter |
Undocumented |
| Method | set_cookie |
Sets a cookie. |
| Method | set_etag |
Set the etag, and override the old one if there was one. |
| Method | status.setter |
Undocumented |
| Method | status_code.setter |
Undocumented |
| Class Variable | accept_ranges |
Undocumented |
| Class Variable | access_control_allow_headers |
Undocumented |
| Class Variable | access_control_allow_methods |
Undocumented |
| Class Variable | access_control_allow_origin |
Undocumented |
| Class Variable | access_control_expose_headers |
Undocumented |
| Class Variable | access_control_max_age |
Undocumented |
| Class Variable | age |
Undocumented |
| Class Variable | allow |
Undocumented |
| Class Variable | charset |
Undocumented |
| Class Variable | content_encoding |
Undocumented |
| Class Variable | content_language |
Undocumented |
| Class Variable | content_length |
Undocumented |
| Class Variable | content_location |
Undocumented |
| Class Variable | content_md5 |
Undocumented |
| Class Variable | content_type |
Undocumented |
| Class Variable | cross_origin_embedder_policy |
Undocumented |
| Class Variable | cross_origin_opener_policy |
Undocumented |
| Class Variable | date |
Undocumented |
| Class Variable | default_mimetype |
Undocumented |
| Class Variable | default_status |
Undocumented |
| Class Variable | expires |
Undocumented |
| Class Variable | last_modified |
Undocumented |
| Class Variable | location |
Undocumented |
| Class Variable | max_cookie_size |
Undocumented |
| Class Variable | vary |
Undocumented |
| Instance Variable | headers |
Undocumented |
| Property | access_control_allow_credentials |
Whether credentials can be shared by the browser to JavaScript code. As part of the preflight request it indicates whether credentials can be used on the cross origin request. |
| Property | cache_control |
The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. |
| Property | content_range |
The Content-Range header as a ~werkzeug.datastructures.ContentRange object. Available even if the header is not set. |
| Property | content_security_policy |
The Content-Security-Policy header as a ~werkzeug.datastructures.ContentSecurityPolicy object. Available even if the header is not set. |
| Property | content_security_policy_report_only |
The Content-Security-policy-report-only header as a ~werkzeug.datastructures.ContentSecurityPolicy object. Available even if the header is not set. |
| Property | is_json |
Check if the mimetype indicates JSON data, either :mimetype:`application/json` or :mimetype:`application/*+json`. |
| Property | mimetype |
The mimetype (content type without charset etc.) |
| Property | mimetype_params |
The mimetype parameters as dict. For example if the content type is text/html; charset=utf-8 the params would be {'charset': 'utf-8'}. |
| Property | retry_after |
The Retry-After response-header field can be used with a 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to the requesting client. |
| Property | status |
The HTTP status code as a string. |
| Property | status_code |
The HTTP status code as a number. |
| Property | www_authenticate |
The WWW-Authenticate header in a parsed form. |
| Method | _clean_status |
Undocumented |
| Instance Variable | _status |
Undocumented |
| Instance Variable | _status_code |
Undocumented |
Undocumented
| Parameters | |
status:t.Optional[ | Undocumented |
headers:t.Optional[ | Undocumented |
mimetype:t.Optional[ | Undocumented |
content_type:t.Optional[ | Undocumented |
| Parameters | |
key:str | the key (name) of the cookie to be deleted. |
path:str | if the cookie that should be deleted was limited to a path, the path has to be defined here. |
domain:t.Optional[ | if the cookie that should be deleted was limited to a domain, that domain has to be defined here. |
secure:bool | If True, the cookie will only be available via HTTPS. |
httponly:bool | Disallow JavaScript access to the cookie. |
samesite:t.Optional[ | Limit the scope of the cookie to only be attached to requests that are "same-site". |
| Returns | |
t.Union[ | Undocumented |
Sets a cookie.
A warning is raised if the size of the cookie header exceeds
max_cookie_size, but the header will still be set.
| Parameters | |
key:str | the key (name) of the cookie to be set. |
value:str | the value of the cookie. |
max_age:t.Optional[ | should be a number of seconds, or None (default) if
the cookie should last only as long as the client's
browser session. |
expires:t.Optional[ | should be a datetime object or UNIX timestamp. |
path:t.Optional[ | limits the cookie to a given path, per default it will span the whole domain. |
domain:t.Optional[ | if you want to set a cross-domain cookie. For example, domain=".example.com" will set a cookie that is readable by the domain www.example.com, foo.example.com etc. Otherwise, a cookie will only be readable by the domain that set it. |
secure:bool | If True, the cookie will only be available via HTTPS. |
httponly:bool | Disallow JavaScript access to the cookie. |
samesite:t.Optional[ | Limit the scope of the cookie to only be attached to requests that are "same-site". |
| Parameters | |
etag:str | Undocumented |
weak:bool | Undocumented |
bool =
The Content-Range header as a
~werkzeug.datastructures.ContentRange object. Available
even if the header is not set.
The Content-Security-Policy header as a
~werkzeug.datastructures.ContentSecurityPolicy object. Available
even if the header is not set.
The Content-Security-Policy header adds an additional layer of security to help detect and mitigate certain types of attacks.
The Content-Security-policy-report-only header as a
~werkzeug.datastructures.ContentSecurityPolicy object. Available
even if the header is not set.
The Content-Security-Policy-Report-Only header adds a csp policy that is not enforced but is reported thereby helping detect certain types of attacks.
bool =
t.Dict[ =
The mimetype parameters as dict. For example if the content type is text/html; charset=utf-8 the params would be {'charset': 'utf-8'}.
t.Optional[ =
The Retry-After response-header field can be used with a 503 (Service Unavailable) response to indicate how long the service is expected to be unavailable to the requesting client.
Time in seconds until expiration or date.