hddlmZddlZddlmZddlmZmZddlm Z m Z ddl m Z ddl mZddlmZdd lmZd Zd Zd Zd ZdZdZGddeZGddeZdS)) annotationsN)Any) ParseResulturlparse) HttpRequest HttpResponse)patch_vary_headers)MiddlewareMixin)conf)check_request_enabledzAccess-Control-Allow-OriginzAccess-Control-Expose-Headersz Access-Control-Allow-CredentialszAccess-Control-Allow-HeaderszAccess-Control-Allow-MethodszAccess-Control-Max-Agec&eZdZd dZd dZdd Zd S)CorsPostCsrfMiddlewarerequestrreturnNonecvtjr*d|jvr#|jd}||jd<|jd=dSdSdS)zj Put the HTTP_REFERER back to its original value and delete the temporary storage ORIGINAL_HTTP_REFERER HTTP_REFERERN)r CORS_REPLACE_HTTPS_REFERERMETA)selfr http_referers R/var/www/html/Sam_Eipo/venv/lib/python3.11/site-packages/corsheaders/middleware.py_https_referer_replace_reversez5CorsPostCsrfMiddleware._https_referer_replace_reversesV  * 6/F',/V/V"<(?@L+7GL ( 4555 6 6/V/Vc0||dSNrrrs rprocess_requestz&CorsPostCsrfMiddleware.process_request!s ++G444trcallbackr callback_argscallback_kwargsc0||dSrrrrr!r"r#s r process_viewz#CorsPostCsrfMiddleware.process_view%s ++G444trNrrrr rrr!rr"rr#rrr)__name__ __module__ __qualname__rr r&rrrrsP6666rrcVeZdZddZddZdd ZddZddZd dZd!dZ d!dZ d"dZ dS)#CorsMiddlewarerrrrc|jd}|r|rd|jvrt|}tjs|||sdS |jd}d|jdz}|j|_||jd<||jd<dS#t$rYdSwxYwdSdSdS)a When https is enabled, django CSRF checking includes referer checking which breaks when using CORS. This function updates the HTTP_REFERER header to make sure it matches HTTP_HOST, provided that our cors logic succeeds HTTP_ORIGINrNrz https://%s/ HTTP_HOST) rget is_securerr CORS_ALLOW_ALL_ORIGINSorigin_found_in_white_listscopyKeyError)rroriginurlr http_hosts r_https_referer_replacez%CorsMiddleware._https_referer_replace1s!!-00       (w|;;6""C/ 88EE  &|N; )GL,EE &|0022 8D 45/8 ^,,,    '    <;s.AB?? C  C HttpResponse | Nonec|||_|jrJtjr|||jdkrd|jvrt}d|d<|SdS)a If CORS preflight header, then create an empty body response (200 OK) and return it Django won't bother calling any other request view/exception middleware along with the requested view; it will call any response middlewares OPTIONS"HTTP_ACCESS_CONTROL_REQUEST_METHOD0zContent-LengthN) is_enabled _cors_enabledr rr;methodrr)rrresponses rr zCorsMiddleware.process_requestPs|!% 8 8  . 5++G444)++8GLHH'>>-0)*trr!rr"r#cV|jr!tjr||dS)z9 Do the referer replacement here as well N)rBr rr;r%s rr&zCorsMiddleware.process_viewgs2   1T%D 1  ' ' 0 0 0trrDrct|dd}|||}|s|St|dg|jd}|s|S t |}n#t $r|cYSwxYwtjr d|t<tj s-| ||s| |s|Stj rtjs d|t<n ||t<ttjr'dtj|t"<|jdkr{dtj|t(<dtj|t,<tjr!t1tj|t2<|S) z1 Add the respective CORS headers rBNOriginr0true*z, r>)getattrrAr rr2r ValueErrorr CORS_ALLOW_CREDENTIALS ACCESS_CONTROL_ALLOW_CREDENTIALSr4r5 check_signalACCESS_CONTROL_ALLOW_ORIGINlenCORS_EXPOSE_HEADERSjoinACCESS_CONTROL_EXPOSE_HEADERSrCCORS_ALLOW_HEADERSACCESS_CONTROL_ALLOW_HEADERSCORS_ALLOW_METHODSACCESS_CONTROL_ALLOW_METHODSCORS_PREFLIGHT_MAX_AGEstrACCESS_CONTROL_MAX_AGE)rrrDenabledr8r9s rprocess_responsezCorsMiddleware.process_responseus '?D99 ?oog..G O8hZ000!!-00 O 6""CC   OOO   & @9?H5 6+ 44VSAA %%g..  O  & ;t/J ;47H0 1 14:H0 1 t' ( ( 6:ii(77H2 3 >Y & &59YYt?V5W5WH1 259YYt?V5W5WH1 2* T36t7R3S3S/0sA-- A<;A<r8rYr9rboolc~|dkr|tjvp)||p||S)Nnull)r CORS_ALLOWED_ORIGINS_url_in_whitelistregex_domain_match)rr8r9s rr5z*CorsMiddleware.origin_found_in_white_listssH v  E&D,E"E /%%c** /&&v.. rcNtfdtjDS)Nc3BK|]}tj|VdSr)rematch).0domain_patternr8s r z4CorsMiddleware.regex_domain_match..sC   H^V , ,      r)anyr CORS_ALLOWED_ORIGIN_REGEXES)rr8s `rrbz!CorsMiddleware.regex_domain_matchs>    "&"B      rcttjtj|jp||Sr)r]rerfr CORS_URLS_REGEX path_inforNrs rrAzCorsMiddleware.is_enableds? HT)7+< = =  (   w ' ' (rc`tjd|}td|DS)N)senderrc3 K|] \}}|V dSrr,)rgfunction return_values rriz.CorsMiddleware.check_signal..s'OO$:Hl<OOOOOOr)r sendrj)rrsignal_responsess rrNzCorsMiddleware.check_signals605T7SSSOO>NOOOOOOrcfdtjD}tfd|DS)Nc,g|]}t|Sr,)r)rgos r z4CorsMiddleware._url_in_whitelist..sBBB18A;;BBBrc3XK|]$}|jjko|jjkV%dSr)schemenetloc)rgr8r9s rriz3CorsMiddleware._url_in_whitelist..sN   MSZ ' GFMSZ,G      r)r r`rj)rr9originss ` rraz CorsMiddleware._url_in_whitelistsQBB(ABBB    !      rNr')rrrr<r()rrrDrrr)r8rYr9rrr])r8rYrr])rrrr])r9rrr]) r)r*r+r;r r&r\r5rbrArNrar,rrr.r.0s>.    2222h        (((( PPPP      rr.) __future__rretypingr urllib.parserr django.httprrdjango.utils.cacher django.utils.deprecationr corsheaders.confr corsheaders.signalsr rOrSrMrUrWrZrr.r,rrrs6"""""" ........11111111111111444444!!!!!!555555; ?#E ==1_4T T T T T _T T T T T r