o {Ð,h¼ã@s0dZddlmZddlmZGdd„deƒZdS)z° Clickjacking Protection Middleware. This module provides a middleware that implements protection against a malicious site loading resources from your site in a hidden frame. é)Úsettings)ÚMiddlewareMixinc@s eZdZdZdd„Zdd„ZdS)ÚXFrameOptionsMiddlewareaî Set the X-Frame-Options HTTP header in HTTP responses. Do not set the header if it's already set or if the response contains a xframe_options_exempt value set to True. By default, set the X-Frame-Options header to 'DENY', meaning the response cannot be displayed in a frame, regardless of the site attempting to do so. To enable the response to be loaded on a frame within the same site, set X_FRAME_OPTIONS in your project's Django settings to 'SAMEORIGIN'. cCs8| d¡dur |St|ddƒr|S| ||¡|jd<|S)NzX-Frame-OptionsÚxframe_options_exemptF)ÚgetÚgetattrÚget_xframe_options_valueÚheaders©ÚselfÚrequestÚresponse©rúT/var/www/html/rh/venv/lib/python3.10/site-packages/django/middleware/clickjacking.pyÚprocess_responses  þz(XFrameOptionsMiddleware.process_responsecCsttddƒ ¡S)a Get the value to set for the X_FRAME_OPTIONS header. Use the value from the X_FRAME_OPTIONS setting, or 'DENY' if not set. This method can be overridden if needed, allowing it to vary based on the request or response. ÚX_FRAME_OPTIONSÚDENY)rrÚupperr rrrr(sz0XFrameOptionsMiddleware.get_xframe_options_valueN)Ú__name__Ú __module__Ú __qualname__Ú__doc__rrrrrrr s rN)rÚ django.confrÚdjango.utils.deprecationrrrrrrÚs