î
ªÍ XÓ  ã               @   så   d  d l  m Z d d l m Z m Z m Z d d l m Z e d d d ƒZ e d d d	 ƒZ	 e d
 d d ƒZ
 d d „  Z e e j d d ƒd d „  ƒ Z e e j d d ƒd d „  ƒ Z e e j d d ƒd d „  ƒ Z d S)é    )Úsettingsé   )ÚTagsÚWarningÚregister)Úpatch_middleware_messagea  You don't appear to be using Django's built-in cross-site request forgery protection via the middleware ('django.middleware.csrf.CsrfViewMiddleware' is not in your MIDDLEWARE). Enabling the middleware is the safest approach to ensure you don't leave any holes.Úidzsecurity.W003zçYou have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.zsecurity.W016zëYou have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_HTTPONLY to True. Using an HttpOnly CSRF cookie makes it more difficult for cross-site scripting attacks to steal the CSRF token.zsecurity.W017c               C   s%   d t  j k p$ t  j o$ d t  j k S)Nz)django.middleware.csrf.CsrfViewMiddleware)r   ZMIDDLEWARE_CLASSESZ
MIDDLEWARE© r	   r	   úN/home/ubuntu/projects/ifolica/build/django/django/core/checks/security/csrf.pyÚ_csrf_middleware    s    r   ZdeployTc             K   s    t  ƒ  } | r g  St t ƒ g S)N)r   r   ÚW003)Úapp_configsÚkwargsÚpassed_checkr	   r	   r
   Úcheck_csrf_middleware%   s    	r   c             K   s*   t  ƒ  p t j } | r g  St t ƒ g S)N)r   r   ZCSRF_COOKIE_SECUREr   ÚW016)r   r   r   r	   r	   r
   Úcheck_csrf_cookie_secure+   s    
	r   c             K   s*   t  ƒ  p t j } | r g  St t ƒ g S)N)r   r   ZCSRF_COOKIE_HTTPONLYr   ÚW017)r   r   r   r	   r	   r
   Úcheck_csrf_cookie_httponly4   s    
	r   N)Zdjango.confr   Ú r   r   r   Úutilsr   r   r   r   r   Úsecurityr   r   r   r	   r	   r	   r
   Ú<module>   s   			!!	