orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: :mimetype:application/json

Browse source
This commit is contained in:
defuz 2014-11-05 07:43:00 +03:00
parent 663802e976
commit d4b9b9854c
6 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/htmlfaq.rst
View file

@ -16,7 +16,7 @@ However, barely any websites on the Internet are actual XHTML (which is
HTML processed using XML rules). There are a couple of major reasons
why this is the case. One of them is Internet Explorer's lack of proper
XHTML support. The XHTML spec states that XHTML must be served with the MIME
type `application/xhtml+xml`, but Internet Explorer refuses to read files
type :mimetype:`application/xhtml+xml`, but Internet Explorer refuses to read files
with that MIME type.
While it is relatively easy to configure Web servers to serve XHTML properly,
few people do. This is likely because properly using XHTML can be quite

2
docs/patterns/apierrors.rst
View file

@ -4,7 +4,7 @@ Implementing API Exceptions
It's very common to implement RESTful APIs on top of Flask. One of the
first thing that developers run into is the realization that the builtin
exceptions are not expressive enough for APIs and that the content type of
``text/html`` they are emitting is not very useful for API consumers.
:mimetype:`text/html` they are emitting is not very useful for API consumers.
The better solution than using ``abort`` to signal errors for invalid API
usage is to implement your own exception type and install an error handler

2
docs/quickstart.rst
View file

@ -708,7 +708,7 @@ About Responses
The return value from a view function is automatically converted into a
response object for you. If the return value is a string it's converted
into a response object with the string as response body, a ``200 OK``
status code and a ``text/html`` mimetype. The logic that Flask applies to
status code and a :mimetype:`text/html` mimetype. The logic that Flask applies to
converting return values into response objects is as follows:
1. If a response object of the correct type is returned it's directly

4
docs/security.rst
View file

@ -161,8 +161,8 @@ and social engineers a victim to visiting his site:
If you know a bit of JavaScript internals you might know that it's
possible to patch constructors and register callbacks for setters. An
attacker can use this (like above) to get all the data you exported in
your JSON file. The browser will totally ignore the ``application/json``
mimetype if ``text/javascript`` is defined as content type in the script
your JSON file. The browser will totally ignore the :mimetype:`application/json`
mimetype if :mimetype:`text/javascript` is defined as content type in the script
tag and evaluate that as JavaScript. Because top-level array elements are
allowed (albeit useless) and we hooked in our own constructor, after that
page loaded the data from the JSON response is in the `captured` array.