last_modified(last_modified_func) [source] These decorators can be used to generate ETag and Last-Modified headers; see conditional view processing.

etag(etag_func) [source]

condition(etag_func=None, last_modified_func=None) [source]

gzip_page() This decorator compresses content if the browser allows gzip compression. It sets the Vary header accordingly, so that caches will base their storage on the Accept-Encoding header.

sensitive_variables(*variables) [source] If a function (either a view or any regular callback) in your code uses local variables susceptible to contain sensitive information, you may prevent the values of those variables from being included in error reports using the sensitive_variables decorator: from django.views.decorators.debug import sensitive_variables @sensitive_variables('user', 'pw', 'cc') def process_info(user): pw = user.pass_word cc = user.credit_card_number name = u

sensitive_post_parameters(*parameters) [source] If one of your views receives an HttpRequest object with POST parameters susceptible to contain sensitive information, you may prevent the values of those parameters from being included in the error reports using the sensitive_post_parameters decorator: from django.views.decorators.debug import sensitive_post_parameters @sensitive_post_parameters('pass_word', 'credit_card_number') def record_user_profile(request): UserProfile.create(

requires_csrf_token(view) Normally the csrf_token template tag will not work if CsrfViewMiddleware.process_view or an equivalent like csrf_protect has not run. The view decorator requires_csrf_token can be used to ensure the template tag does work. This decorator works similarly to csrf_protect, but never rejects an incoming request. Example: from django.views.decorators.csrf import requires_csrf_token from django.shortcuts import render @requires_csrf_token def my_view(request): c = {}

ensure_csrf_cookie(view) This decorator forces a view to send the CSRF cookie.

csrf_protect(view) Decorator that provides the protection of CsrfViewMiddleware to a view. Usage: from django.views.decorators.csrf import csrf_protect from django.shortcuts import render @csrf_protect def my_view(request): c = {} # ... return render(request, "a_template.html", c) If you are using class-based views, you can refer to Decorating class-based views.

csrf_exempt(view) [source] This decorator marks a view as being exempt from the protection ensured by the middleware. Example: from django.views.decorators.csrf import csrf_exempt from django.http import HttpResponse @csrf_exempt def my_view(request): return HttpResponse('Hello world')