î ªÍXÝ ã@sBddlmZddlmZmZmZddlmZdd„Zeedƒdd ƒZ eed ƒdd ƒZ eed ƒdd ƒZ dd„Z ee dƒddƒZ ee dƒddƒZee dƒddƒZeejddƒdd„ƒZeejddƒdd„ƒZdd„Zdd„Zd S)!é)Úsettingsé)ÚTagsÚWarningÚregister)Úpatch_middleware_messagecCs|dS)Nzq Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions.©)ÚmessagerrúR/home/ubuntu/projects/ifolica/build/django/django/core/checks/security/sessions.pyÚadd_session_cookie_messagesr znYou have 'django.contrib.sessions' in your INSTALLED_APPS, but you have not set SESSION_COOKIE_SECURE to True.Úidz security.W010z‡You have 'django.contrib.sessions.middleware.SessionMiddleware' in your MIDDLEWARE, but you have not set SESSION_COOKIE_SECURE to True.z security.W011z)SESSION_COOKIE_SECURE is not set to True.z security.W012cCs|dS)Nzs Using an HttpOnly session cookie makes it more difficult for cross-site scripting attacks to hijack user sessions.r)r rrr Úadd_httponly_message$sr zpYou have 'django.contrib.sessions' in your INSTALLED_APPS, but you have not set SESSION_COOKIE_HTTPONLY to True.z security.W013z‰You have 'django.contrib.sessions.middleware.SessionMiddleware' in your MIDDLEWARE, but you have not set SESSION_COOKIE_HTTPONLY to True.z security.W014z+SESSION_COOKIE_HTTPONLY is not set to True.z security.W015ZdeployTcKslg}tjshtƒr(|jtƒntƒrG|jttƒƒnt|ƒdkrht g}qhn|S)Né) rZSESSION_COOKIE_SECUREÚ _session_appÚappendÚW010Ú_session_middlewarerÚW011ÚlenÚW012)Ú app_configsÚkwargsÚerrorsrrr Úcheck_session_cookie_secureBs   rcKslg}tjshtƒr(|jtƒntƒrG|jttƒƒnt|ƒdkrht g}qhn|S)Nr) rZSESSION_COOKIE_HTTPONLYrrÚW013rrÚW014rÚW015)rrrrrr Úcheck_session_cookie_httponlyOs   rcCs%dtjkp$tjo$dtjkS)Nz4django.contrib.sessions.middleware.SessionMiddleware)rZMIDDLEWARE_CLASSESZ MIDDLEWARErrrr r\srcCs dtjkS)Nzdjango.contrib.sessions)rZINSTALLED_APPSrrrr rasrN)Z django.confrÚrrrÚutilsrr rrrr rrrÚsecurityrrrrrrrr Ús<              ! !