z-is8ddlmZddlmZddlZGddZy))settings) HttpResponseNceZdZdZdZdZy)StaticXFrameOptionsMiddlewareuK 为静态 HTML 文件添加 X-Frame-Options 响应头的中间件 c||_y)N) get_response)selfrs $/usr/local/footviz/api/middleware.py__init__z&StaticXFrameOptionsMiddleware.__init__ s (c|j|}|jjtjr%|jj dr d|d<d|d<|S)Nz.html SAMEORIGINzX-Frame-OptionszSframe-ancestors 'self' http://localhost:* http://127.0.0.1:* https://*.21729901.xyzzContent-Security-Policy)rpath startswithr MEDIA_URLendswith)r requestresponses r __call__z&StaticXFrameOptionsMiddleware.__call__ s\$$W- LL # #H$6$6 7 LL ! !' **6H& '3HH. /r N)__name__ __module__ __qualname____doc__r rr r rrs) r r) django.confr django.httprosrrr r rs $ r