vÅÏ^ã@s8ddlmZdd„Zdd„Zdd„ZdS) é)Úwrapscs"‡fdd†}tˆƒ|ƒS)zñ Modify a view function so its response has the X-Frame-Options HTTP header set to 'DENY' as long as the response doesn't already have that header set. Usage: @xframe_options_deny def some_view(request): ... cs2ˆ||Ž}|jdƒdkr.d|d<|S)NzX-Frame-OptionsZDENY)Úget)ÚargsÚkwargsÚresp)Ú view_func©úF/tmp/pip-build-8lau8j11/django/django/views/decorators/clickjacking.pyÚ wrapped_views z)xframe_options_deny..wrapped_view)r)rr r)rr Úxframe_options_denys r cs"‡fdd†}tˆƒ|ƒS)zý Modify a view function so its response has the X-Frame-Options HTTP header set to 'SAMEORIGIN' as long as the response doesn't already have that header set. Usage: @xframe_options_sameorigin def some_view(request): ... cs2ˆ||Ž}|jdƒdkr.d|d<|S)NzX-Frame-OptionsZ SAMEORIGIN)r)rrr)rrr r s z/xframe_options_sameorigin..wrapped_view)r)rr r)rr Úxframe_options_sameorigins r cs"‡fdd†}tˆƒ|ƒS)zá Modify a view function by setting a response variable that instructs XFrameOptionsMiddleware to NOT set the X-Frame-Options HTTP header. Usage: @xframe_options_exempt def some_view(request): ... csˆ||Ž}d|_|S)NT)Úxframe_options_exempt)rrr)rrr r 1s z+xframe_options_exempt..wrapped_view)r)rr r)rr r (s r N)Ú functoolsrr r r rrrr Ús