vÅÏ^ëã@s¢ddlmZddlmZmZmZedddƒZedddƒZd d „Zeej d d ƒd d„ƒZ eej d d ƒdd„ƒZ dS)é)Úsettingsé)ÚTagsÚWarningÚregisteraYou don't appear to be using Django's built-in cross-site request forgery protection via the middleware ('django.middleware.csrf.CsrfViewMiddleware' is not in your MIDDLEWARE). Enabling the middleware is the safest approach to ensure you don't leave any holes.Úidz security.W003zçYou have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.z security.W016cCs dtjkS)Nz)django.middleware.csrf.CsrfViewMiddleware)rZ MIDDLEWARE©rrúB/tmp/pip-build-8lau8j11/django/django/core/checks/security/csrf.pyÚ_csrf_middlewaresr ZdeployTcKstƒ}|rgStgS)N)r ÚW003)Ú app_configsÚkwargsÚ passed_checkrrr Úcheck_csrf_middlewares rcKs-tjptƒ ptj}|r&gStgS)N)rZCSRF_USE_SESSIONSr ZCSRF_COOKIE_SECUREÚW016)r r rrrr Úcheck_csrf_cookie_secure!s   rN) Z django.confrÚrrrr rr Úsecurityrrrrrr Ús   !