python – Django Clickjacking Protection resp.get(‘X-Frame-

解决方案：iframe和javascript显示加载gif,直到iframe从单一登录提供程序返回响应为止.如果SSO提供程序响应是用户当前已登录,则Django会对用户服务器端进行身份验证,并且javascript会将用户重定向到Web应用程序.如果SSO提供程序响应是用户未登录,则javascript将使用登录表单替换加载gif.

使用Django == 1.9.9,Python 2：

我们的get调用是用@xframe_options_sameorigin修饰的,但最近有时开始返回此错误：

2016-09-25 16:38:27,598 | django.request            | ERROR    | Internal Server Error: /accounts/open-id-finish/
Traceback (most recent call last):
File "/lib/python2.7/site-packages/django/core/handlers/base.py",line 149,in get_response
  response = self.process_exception_by_middleware(e,request)
File "/lib/python2.7/site-packages/django/core/handlers/base.py",line 147,in get_response
  response = wrapped_callback(request,*callback_args,**callback_kwargs)
File "/opt/virtualenv/local/lib/python2.7/site-packages/django/views/generic/base.py",line 68,in view
  return self.dispatch(request,*args,**kwargs)
File "/opt/virtualenv/local/lib/python2.7/site-packages/django/views/generic/base.py",line 88,in dispatch
  return handler(request,**kwargs)
File "/opt/virtualenv/local/lib/python2.7/site-packages/django/views/decorators/clickjacking.py",line 40,in wrapped_view
  if resp.get('X-Frame-Options') is None:
AttributeError: 'NoneType' object has no attribute 'get'

这个错误来自哪里？ Django 1.9中的@xframe_options_sameorigin有变化吗？有时候我们的get函数怎么可能是NoneType？