apifrom.utils.permissions_policyο
Overviewο
Classes
Functions
Classesο
- class apifrom.utils.permissions_policy.PermissionsPolicy(policy=None)[source]ο
- Parameters:
policy (Optional[PolicyDict])
Class for creating and validating Permissions-Policy headers.
The Permissions-Policy header is used to allow or deny the use of browser features in a document or in any embedded frames.
Initialize the permissions policy with the given directives.
- param policy:
A dictionary mapping feature names to their allowed origins
- apifrom.utils.permissions_policy._validate_policy()ο
Validates that all policy directives are recognized.
- apifrom.utils.permissions_policy.add_directive(feature, value)ο
Add a directive to the permissions policy.
- param feature:
The feature name
- param value:
The allowed origins or special values like βselfβ or βnoneβ
- apifrom.utils.permissions_policy.remove_directive(feature)ο
Remove a directive from the permissions policy.
- apifrom.utils.permissions_policy.to_header_value()ο
Convert the policy to a string for use in the Permissions-Policy header.
- returns:
The formatted header value
- class apifrom.utils.permissions_policy.PermissionsPolicyMiddleware(policy=None, exempt_paths=None)[source]ο
- Parameters:
policy (Optional[PermissionsPolicy])
exempt_paths (Optional[List[str]])
Middleware that adds Permissions-Policy headers to responses.
Initialize the permissions policy middleware.
- param policy:
The permissions policy to apply
- param exempt_paths:
Paths that should not have the policy applied
- apifrom.utils.permissions_policy.__call__(request, call_next)ο
- :async:
Process the request and add the Permissions-Policy header to the response.
- param request:
The HTTP request
- param call_next:
The next middleware or endpoint handler
- returns:
The HTTP response with permissions policy headers added
- apifrom.utils.permissions_policy._is_exempt(request)ο
Check if the request path is exempt from the permissions policy.
- class apifrom.utils.permissions_policy.Request(request=None, path_params=None, method=None, path=None, query_params=None, headers=None, body=None, client_ip=None)[source]ο
Request class for APIFromAnything.
This class wraps a Starlette request and provides methods for accessing request data in a convenient way.
- apifrom.utils.permissions_policy._requestο
The underlying Starlette request.
- apifrom.utils.permissions_policy.path_paramsο
Path parameters extracted from the URL.
- apifrom.utils.permissions_policy.query_paramsο
Query parameters extracted from the URL.
- apifrom.utils.permissions_policy.headersο
HTTP headers.
- apifrom.utils.permissions_policy.methodο
HTTP method.
- apifrom.utils.permissions_policy.pathο
Request path.
- apifrom.utils.permissions_policy._bodyο
Cached request body.
Initialize a new Request instance.
- param request:
The underlying Starlette request.
- param path_params:
Path parameters extracted from the URL.
- param method:
The HTTP method.
- param path:
The request path.
- param query_params:
Query parameters.
- param headers:
HTTP headers.
- param body:
Request body.
- param client_ip:
Client IP address.
- class apifrom.utils.permissions_policy.Response(content=None, status_code=200, headers=None, content_type='application/json')[source]ο
Response class for APIFromAnything.
This class represents an HTTP response and provides methods for setting response data, status code, and headers.
- apifrom.utils.permissions_policy.contentο
The response content.
- apifrom.utils.permissions_policy.status_codeο
The HTTP status code.
- apifrom.utils.permissions_policy.headersο
HTTP headers.
- apifrom.utils.permissions_policy.content_typeο
The content type of the response.
Initialize a new Response instance.
- param content:
The response content.
- param status_code:
The HTTP status code.
- param headers:
HTTP headers.
- param content_type:
The content type of the response.
Functionsο
- apifrom.utils.permissions_policy.permissions_policy(accelerometer=None, ambient_light_sensor=None, autoplay=None, battery=None, camera=None, display_capture=None, document_domain=None, encrypted_media=None, execution_while_not_rendered=None, execution_while_out_of_viewport=None, fullscreen=None, gamepad=None, geolocation=None, gyroscope=None, layout_animations=None, legacy_image_formats=None, magnetometer=None, microphone=None, midi=None, navigation_override=None, oversized_images=None, payment=None, picture_in_picture=None, publickey_credentials_get=None, screen_wake_lock=None, sync_xhr=None, usb=None, vr=None, wake_lock=None, web_share=None, xr_spatial_tracking=None, clipboard_read=None, clipboard_write=None, cross_origin_isolated=None, idle_detection=None, interest_cohort=None, serial=None)[source]ο
- Parameters:
accelerometer (Optional[DirectiveValue])
ambient_light_sensor (Optional[DirectiveValue])
autoplay (Optional[DirectiveValue])
battery (Optional[DirectiveValue])
camera (Optional[DirectiveValue])
display_capture (Optional[DirectiveValue])
document_domain (Optional[DirectiveValue])
encrypted_media (Optional[DirectiveValue])
execution_while_not_rendered (Optional[DirectiveValue])
execution_while_out_of_viewport (Optional[DirectiveValue])
fullscreen (Optional[DirectiveValue])
gamepad (Optional[DirectiveValue])
geolocation (Optional[DirectiveValue])
gyroscope (Optional[DirectiveValue])
layout_animations (Optional[DirectiveValue])
legacy_image_formats (Optional[DirectiveValue])
magnetometer (Optional[DirectiveValue])
microphone (Optional[DirectiveValue])
midi (Optional[DirectiveValue])
navigation_override (Optional[DirectiveValue])
oversized_images (Optional[DirectiveValue])
payment (Optional[DirectiveValue])
picture_in_picture (Optional[DirectiveValue])
publickey_credentials_get (Optional[DirectiveValue])
screen_wake_lock (Optional[DirectiveValue])
sync_xhr (Optional[DirectiveValue])
usb (Optional[DirectiveValue])
vr (Optional[DirectiveValue])
wake_lock (Optional[DirectiveValue])
web_share (Optional[DirectiveValue])
xr_spatial_tracking (Optional[DirectiveValue])
clipboard_read (Optional[DirectiveValue])
clipboard_write (Optional[DirectiveValue])
cross_origin_isolated (Optional[DirectiveValue])
idle_detection (Optional[DirectiveValue])
interest_cohort (Optional[DirectiveValue])
serial (Optional[DirectiveValue])
- Return type:
Creates a permissions policy with the specified directives.
Each directive can be set to: - βselfβ: allows the feature to be used only in the same origin - βnoneβ: disables the feature - β*β: allows the feature to be used in any origin - List of strings: specifies allowed origins for the feature
- param accelerometer:
Controls access to accelerometer sensors
- param ambient_light_sensor:
Controls access to ambient light sensors
- param autoplay:
Controls whether media can autoplay
- param battery:
Controls access to Battery Status API
- param camera:
Controls access to video input devices
- param display_capture:
Controls the ability to capture screen content
- param document_domain:
Controls use of document.domain API
- param encrypted_media:
Controls access to Encrypted Media Extensions
- param execution_while_not_rendered:
Controls execution when not rendered
- param execution_while_out_of_viewport:
Controls execution when out of viewport
- param fullscreen:
Controls the ability to use fullscreen mode
- param gamepad:
Controls access to the Gamepad API
- param geolocation:
Controls access to Geolocation API
- param gyroscope:
Controls access to gyroscope sensors
- param layout_animations:
Controls the use of layout animations
- param legacy_image_formats:
Controls use of legacy image formats
- param magnetometer:
Controls access to magnetometer sensors
- param microphone:
Controls access to audio input devices
- param midi:
Controls access to the Web MIDI API
- param navigation_override:
Controls the ability to override navigation
- param oversized_images:
Controls the loading of oversized images
- param payment:
Controls access to the Payment Request API
- param picture_in_picture:
Controls the use of picture-in-picture mode
- param publickey_credentials_get:
Controls access to WebAuthn API
- param screen_wake_lock:
Controls the Screen Wake Lock API
- param sync_xhr:
Controls synchronous XHR requests
- param usb:
Controls access to the WebUSB API
- param vr:
Controls access to VR hardware through the WebVR API
- param wake_lock:
Controls the Wake Lock API
- param web_share:
Controls the Web Share API
- param xr_spatial_tracking:
Controls access to WebXR Device API
- param clipboard_read:
Controls read access to the clipboard
- param clipboard_write:
Controls write access to the clipboard
- param cross_origin_isolated:
Controls cross-origin isolation
- param idle_detection:
Controls the Idle Detection API
- param interest_cohort:
Controls the FLoC (Federated Learning of Cohorts) API
- param serial:
Controls access to the Web Serial API
- returns:
A PermissionsPolicy instance