3 ­©Þ[Åã@s0dZddlmZddlmZGdd„deƒZdS)z° Clickjacking Protection Middleware. This module provides a middleware that implements protection against a malicious site loading resources from your site in a hidden frame. é)Úsettings)ÚMiddlewareMixinc@s eZdZdZdd„Zdd„ZdS)ÚXFrameOptionsMiddlewareaÓ Set the X-Frame-Options HTTP header in HTTP responses. Do not set the header if it's already set or if the response contains a xframe_options_exempt value set to True. By default, set the X-Frame-Options header to 'SAMEORIGIN', meaning the response can only be loaded on a frame within the same site. To prevent the response from being loaded in a frame in any site, set X_FRAME_OPTIONS in your project's Django settings to 'DENY'. cCs6|jdƒdk r|St|ddƒr"|S|j||ƒ|d<|S)NzX-Frame-OptionsZxframe_options_exemptF)ÚgetÚgetattrÚget_xframe_options_value)ÚselfÚrequestÚresponse©r úB/tmp/pip-install-j7i95hgp/django/django/middleware/clickjacking.pyÚprocess_responses  z(XFrameOptionsMiddleware.process_responsecCsttddƒjƒS)a  Get the value to set for the X_FRAME_OPTIONS header. Use the value from the X_FRAME_OPTIONS setting, or 'SAMEORIGIN' if not set. This method can be overridden if needed, allowing it to vary based on the request or response. ZX_FRAME_OPTIONSZ SAMEORIGIN)rrÚupper)rr r r r r r%sz0XFrameOptionsMiddleware.get_xframe_options_valueN)Ú__name__Ú __module__Ú __qualname__Ú__doc__r rr r r r r s  rN)rZ django.confrZdjango.utils.deprecationrrr r r r Ús