o {,h' @s@ddlZddlmZddlmZddlmZGdddeZdS)N)settings)HttpResponsePermanentRedirect)MiddlewareMixincs,eZdZfddZddZddZZS)SecurityMiddlewarecsbt|tj|_tj|_tj|_tj |_ tj |_ tj |_ddtjD|_tj|_tj|_dS)NcSsg|]}t|qS)recompile).0rrrP/var/www/html/rh/venv/lib/python3.10/site-packages/django/middleware/security.py sz/SecurityMiddleware.__init__..)super__init__rSECURE_HSTS_SECONDS sts_secondsSECURE_HSTS_INCLUDE_SUBDOMAINSsts_include_subdomainsSECURE_HSTS_PRELOAD sts_preloadSECURE_CONTENT_TYPE_NOSNIFFcontent_type_nosniffSECURE_SSL_REDIRECTredirectSECURE_SSL_HOST redirect_hostSECURE_REDIRECT_EXEMPTredirect_exemptSECURE_REFERRER_POLICYreferrer_policy!SECURE_CROSS_ORIGIN_OPENER_POLICYcross_origin_opener_policy)self get_response __class__rr r s  zSecurityMiddleware.__init__cs`|jd|jr*|s,tfdd|jDs.|jp|}td|| fSdSdSdS)N/c3s|]}|VqdS)N)search)r patternpathrr sz5SecurityMiddleware.process_request..z https://%s%s) r)lstripr is_secureanyrrget_hostr get_full_path)r!requesthostrr(r process_requests  z"SecurityMiddleware.process_requestc Cs|jr#|r#d|vr#d|j}|jr|d7}|jr|d7}||jd<|jr-|jdd|jrL|jddt |jt rGd d |j dDn|j|j rV|d |j |S) NzStrict-Transport-Securityz max-age=%sz; includeSubDomainsz ; preloadzX-Content-Type-OptionsnosniffzReferrer-Policy,cSsg|]}|qSr)strip)r vrrr r 7sz7SecurityMiddleware.process_response..zCross-Origin-Opener-Policy) rr,rrheadersr setdefaultrjoin isinstancestrsplitr )r!r0response sts_headerrrr process_response!s8    z#SecurityMiddleware.process_response)__name__ __module__ __qualname__rr2r? __classcell__rrr#r rs   r)r django.confr django.httprdjango.utils.deprecationrrrrrr s