ó i4Vdc@sÉddlmZddlmZmZmZedddƒZedddƒZed dd ƒZd „Z eej d e ƒd „ƒZ eej d e ƒd„ƒZ eej d e ƒd„ƒZdS(iÿÿÿÿ(tsettingsi(tTagstWarningtregisters You don't appear to be using Django's built-in cross-site request forgery protection via the middleware ('django.middleware.csrf.CsrfViewMiddleware' is not in your MIDDLEWARE_CLASSES). Enabling the middleware is the safest approach to ensure you don't leave any holes.tids security.W003sïYou have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE_CLASSES, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.s security.W016sóYou have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE_CLASSES, but you have not set CSRF_COOKIE_HTTPONLY to True. Using an HttpOnly CSRF cookie makes it more difficult for cross-site scripting attacks to steal the CSRF token.s security.W017cCs dtjkS(Ns)django.middleware.csrf.CsrfViewMiddleware(RtMIDDLEWARE_CLASSES(((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/csrf.pyt_csrf_middlewarestdeploycKstƒ}|rgStgS(N(RtW003(t app_configstkwargst passed_check((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/csrf.pytcheck_csrf_middleware#s cKs$tƒ ptj}|rgStgS(N(RRtCSRF_COOKIE_SECUREtW016(R R R ((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/csrf.pytcheck_csrf_cookie_secure)s  cKs$tƒ ptj}|rgStgS(N(RRtCSRF_COOKIE_HTTPONLYtW017(R R R ((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/csrf.pytcheck_csrf_cookie_httponly2s  N(t django.confRtRRRRRRRtsecuritytTrueR RR(((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/csrf.pyts