## Use um parâmetro `Response` { #use-a-response-parameter }

Você pode declarar um parâmetro do tipo `Response` em sua *função de operação de rota* (assim como você pode fazer para cookies e headers).

E então você pode definir o `status_code` neste objeto de retorno *temporal*.

{* ../../docs_src/response_change_status_code/tutorial001_py310.py hl[1,9,12] *}

* path operation: path operation (do not translate to "operación de ruta")
* path (as in URL path): path (do not translate to "ruta")
* query (as in URL query): query (do not translate to "consulta")
* cookie (as in HTTP cookie): cookie
* header (as in HTTP header): header
* form (as in HTML form): formulario
* type checks: chequeo de tipos
* parse: parse
* parsing: parsing
* marshall: marshall

## Wildcards { #wildcards }

It's also possible to declare the list as `"*"` (a "wildcard") to say that all are allowed.

But that will only allow certain types of communication, excluding everything that involves credentials: Cookies, Authorization headers like those used with Bearer Tokens, etc.

So, for everything to work correctly, it's better to specify explicitly the allowed origins.

## Use `CORSMiddleware` { #use-corsmiddleware }

    from fastapi import (
        Cookie,
        FastAPI,
        WebSocket,
        WebSocketException,
        status,
    )

    app = FastAPI()

    @app.websocket("/items/{item_id}/ws")
    async def websocket_endpoint(
        *,
        websocket: WebSocket,
        session: Annotated[str | None, Cookie()] = None,
        item_id: str,
    ):

你可以在你的路徑操作函式（path operation function）中宣告一個 `Response` 型別的參數（就像你可以對 Cookies 和標頭那樣）。

接著你可以在那個「*暫時的*」回應物件上設定 `status_code`。

{* ../../docs_src/response_change_status_code/tutorial001_py310.py hl[1,9,12] *}

然後你可以照常回傳任何需要的物件（例如 `dict`、資料庫模型等）。

若你宣告了 `response_model`，它仍會被用來過濾並轉換你回傳的物件。

**FastAPI** 會使用那個「*暫時的*」回應來取得狀態碼（以及 Cookies 和標頭），並將它們放入最終回應中；最終回應包含你回傳的值，且會被任何 `response_model` 過濾。

## `Response` パラメータを使う { #use-a-response-parameter }

（Cookie と同様に）*path operation 関数*で `Response` 型のパラメータを宣言できます。

そして、その*一時的*なレスポンスオブジェクトにヘッダーを設定できます。

{* ../../docs_src/response_headers/tutorial002_py310.py hl[1, 7:8] *}

その後は通常どおり、必要な任意のオブジェクト（`dict`、データベースモデルなど）を返せます。

`response_model` を宣言している場合は、返したオブジェクトのフィルタと変換に引き続き使用されます。

**FastAPI** はその*一時的*なレスポンスからヘッダー（Cookie やステータスコードも含む）を取り出し、`response_model` によってフィルタされた返却値を含む最終的なレスポンスに反映します。

        assertEquals(Integer.valueOf(3600), defaultExpire);
    }

    // Test cookie cipher
    @Test
    public void test_provideCookieCipher() {
        // provideCookieCipher is not directly exposed anymore
        // Testing through cookie spec creation instead
        // CookieSpec is not directly available for testing
        assertNotNull(cookieResourceProvider);
    }

pkg net, type ListenConfig struct, KeepAliveConfig KeepAliveConfig #62254
pkg net/http, func ParseCookie(string) ([]*Cookie, error) #66008
pkg net/http, func ParseSetCookie(string) (*Cookie, error) #66008
pkg net/http, method (*Request) CookiesNamed(string) []*Cookie #61472
pkg net/http, type Cookie struct, Partitioned bool #62490
pkg net/http, type Cookie struct, Quoted bool #46443
pkg net/http, type Request struct, Pattern string #66405

    * JSON.
    * Parâmetros de path.
    * Parâmetros query.
    * Cookies.
    * Cabeçalhos.
    * Formulários.
    * Arquivos.

También es posible declarar la lista como `"*"` (un "comodín") para decir que todos están permitidos.

Pero eso solo permitirá ciertos tipos de comunicación, excluyendo todo lo que implique credenciales: Cookies, headers de autorización como los utilizados con Bearer Tokens, etc.

Así que, para que todo funcione correctamente, es mejor especificar explícitamente los orígenes permitidos.

## Usa `CORSMiddleware` { #use-corsmiddleware }