o h @s@ddlZddlmZddlmZddlmZGdddeZdS)N)settings)HttpResponsePermanentRedirect)MiddlewareMixincs.eZdZdfdd ZddZddZZS) SecurityMiddlewareNcsbt|tj|_tj|_tj|_tj |_ tj |_ tj |_tj|_ddtjD|_tj|_dS)NcSsg|]}t|qS)recompile).0rrrb/var/www/html/magazine_api/magazine_env/lib/python3.10/site-packages/django/middleware/security.py sz/SecurityMiddleware.__init__..)super__init__rZSECURE_HSTS_SECONDS sts_secondsZSECURE_HSTS_INCLUDE_SUBDOMAINSsts_include_subdomainsZSECURE_HSTS_PRELOAD sts_preloadZSECURE_CONTENT_TYPE_NOSNIFFcontent_type_nosniffZSECURE_BROWSER_XSS_FILTER xss_filterZSECURE_SSL_REDIRECTredirectZSECURE_SSL_HOST redirect_hostZSECURE_REDIRECT_EXEMPTredirect_exemptZSECURE_REFERRER_POLICYreferrer_policy)selfZ get_response __class__rr r s  zSecurityMiddleware.__init__cs`|jd|jr*|s,tfdd|jDs.|jp|}td|| fSdSdSdS)N/c3s|]}|VqdSN)search)r patternpathrr sz5SecurityMiddleware.process_request..z https://%s%s) r lstripr is_secureanyrrget_hostrZ get_full_path)rrequesthostrrr process_requests   z"SecurityMiddleware.process_requestc Cs|jr#|r#d|vr#d|j}|jr|d}|jr|d}||jd<|jr-|jdd|jr7|jdd|jrV|jd d t |jt rQd d |j d Dn|j|S) NzStrict-Transport-Securityz max-age=%sz; includeSubDomainsz ; preloadzX-Content-Type-OptionsZnosniffzX-XSS-Protectionz 1; mode=blockzReferrer-Policy,cSsg|]}|qSr)strip)r vrrr r 5sz7SecurityMiddleware.process_response..) rr#rrheadersr setdefaultrrjoin isinstancestrsplit)rr&responseZ sts_headerrrr process_response!s&    z#SecurityMiddleware.process_responser)__name__ __module__ __qualname__rr(r3 __classcell__rrrr rs  r)rZ django.confrZ django.httprZdjango.utils.deprecationrrrrrr s