|
Server : Apache System : Linux cvar2.toservers.com 3.10.0-962.3.2.lve1.5.73.el7.x86_64 #1 SMP Wed Aug 24 21:31:23 UTC 2022 x86_64 User : njnconst ( 1116) PHP Version : 8.4.18 Disable Function : NONE Directory : /usr/lib64/python2.7/site-packages/django/middleware/ |
Upload File : |
�
r�\c�����������@��s��d��Z��d�d�l�m�Z�d�d�l�Z�d�d�l�Z�d�d�l�m�Z�d�d�l�m�Z�d�d�l �m
�Z
�d�d�l
�m
�Z
�d�d�l
�m�Z�d�d �l�m�Z�m�Z�e�j�d
���Z�d
�Z�d
�Z�d
�Z�d�Z�d�Z�d����Z�d����Z�d����Z�d����Z
�d����Z
�d�e
�f�d�������YZ �d�S(���u����
Cross Site Request Forgery Middleware.
This module provides a middleware that implements protection
against request forgeries from other sites.
i����(���t���unicode_literalsN(���t���settings(���t
���get_callable(���t���patch_vary_headers(���t
���force_text(���t
���same_origin(���t���constant_time_comparet���get_random_stringu���django.requestu%���Referer checking failed - no Referer.u/���Referer checking failed - %s does not match %s.u���CSRF cookie not set.u ���CSRF token missing or incorrect.i ���c�����������C��s
���t��t�j���S(���u9���
Returns the view to be used for CSRF rejections
(���R���R���t���CSRF_FAILURE_VIEW(����(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���_get_failure_view
���s����c�����������C��s
���t��t���S(���N(���R���t���CSRF_KEY_LENGTH(����(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���_get_new_csrf_key$���s����c���������C��s ���t��|��j�d�<|��j�j�d�d���S(���u���
Returns the CSRF token required for a POST form. The token is an
alphanumeric value.
A side effect of calling this function is to make the csrf_protect
decorator and the CsrfViewMiddleware add a CSRF cookie and a 'Vary: Cookie'
header to the outgoing response. For this reason, you may need to use this
function lazily, as is done by the csrf context processor.
u���CSRF_COOKIE_USEDu
���CSRF_COOKIEN(���t���Truet���METAt���gett���None(���t���request(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt ���get_token(���s����
c���������C��s%���|��j��j�i�t�d�6t����d�6��d�S(���uj���
Changes the CSRF token in use for a request - should be done on login
for security purposes.
u���CSRF_COOKIE_USEDu
���CSRF_COOKIEN(���R
���t���updateR
���R
���(���R���(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt
���rotate_token6���s����
c���������C��sK���t��|����t�k�r�t����St�j�d�d�t�|������}��|��d�k�rG�t����S|��S(���Nu
���[^a-zA-Z0-9]+u����(���t���lenR
���R
���t���ret���subR���(���t���token(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���_sanitize_tokenA���s
����
t���CsrfViewMiddlewarec�����������B��s2���e��Z�d��Z�d����Z�d����Z�d����Z�d����Z�RS(���u����
Middleware that requires a present and correct csrfmiddlewaretoken
for POST requests that have a CSRF cookie, and sets an outgoing
CSRF cookie.
This middleware should be used in conjunction with the csrf_token template
tag.
c���������C��s
���t��|�_�d��S(���N(���R
���t���csrf_processing_doneR���(���t���selfR���(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���_acceptW���s���� c���������C��s=���t��j�d�|�|�j�d�i�d�d�6|�d�6�t����|�d�|��S(���Nu���Forbidden (%s): %st���extrai���u
���status_codeu���requestt���reason(���t���loggert���warningt���pathR ���(���R���R���R
���(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���_reject^���s
����
c���
������C��s���t��|�d�t���r�d��Sy'�t�|�j�t�j���}�|�|�j�d�<Wn'�t�k
�rf�d��}�t ����|�j�d�<n�Xt��|�d�t���r}�d��S|�j
�d�k�r�t��|�d�t���r��|��j
�|���S|�j
����r'|�j�j
�d ���}�|�d��k�r��|��j�|�t���Sd
�|�j����}�t�|�|���s't�|�|�f�}�|��j�|�|���Sn��|�d��k�rC|��j�|�t���Sd
�} �|�j
�d
�k�rp|�j�j
�d
�d
���} �n��| �d
�k�r�|�j�j
�d�d
���} �n��t�| �|���s�|��j�|�t���Sn��|��j
�|���S(���Nu���csrf_processing_doneu
���CSRF_COOKIEu
���csrf_exemptu���GETu���HEADu���OPTIONSu���TRACEu���_dont_enforce_csrf_checksu
���HTTP_REFERERu
���https://%s/u����u���POSTu���csrfmiddlewaretokenu���HTTP_X_CSRFTOKEN(���u���GETu���HEADu���OPTIONSu���TRACE(���t���getattrt���FalseR���R���t���COOKIESR���t���CSRF_COOKIE_NAMER
���t���KeyErrorR
���t���methodR
���t ���is_secureR���R"���t���REASON_NO_REFERERt���get_hostR���t���REASON_BAD_REFERERt���REASON_NO_CSRF_COOKIEt���POSTR���t���REASON_BAD_TOKEN(
���R���R���t���callbackt
���callback_argst���callback_kwargst
���csrf_tokent���referert
���good_refererR
���t���request_csrf_token(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt
���process_viewh���s@����
c������
���C��s����t��|�d�t���r�|�S|�j�j�d���d��k�r2�|�S|�j�j�d�t���sK�|�S|�j�t�j�|�j�d�d�d�d �t�j�d
�t�j �d
�t�j
�d
�t�j
��t
�|�d���t
�|�_�|�S(���Nu���csrf_processing_doneu
���CSRF_COOKIEu���CSRF_COOKIE_USEDt���max_agei<���i���i���i4���t���domainR!���t���securet���httponlyu���Cookiei��i�Q�i�: �i���(���u���Cookie(���R#���R$���R
���R���R���t
���set_cookieR���R&���t���CSRF_COOKIE_DOMAINt���CSRF_COOKIE_PATHt���CSRF_COOKIE_SECUREt���CSRF_COOKIE_HTTPONLYR���R
���R���(���R���R���t���response(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���process_response����s ����
(���t���__name__t
���__module__t���__doc__R
���R"���R7���RB���(����(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyR���L���s
���
N( ���RE���t
���__future__R����t���loggingR���t
���django.confR���t���django.core.urlresolversR���t���django.utils.cacheR���t���django.utils.encodingR���t���django.utils.httpR���t���django.utils.cryptoR���R���t ���getLoggerR ���R*���R,���R-���R/���R
���R ���R
���R���R���R���t���objectR���(����(����(����s8���/tmp/pip-install-XxeQeY/django/django/middleware/csrf.pyt���<module>���s*���