╤Є wяJIc@sдdZddkZddklZddklZddklZlZddkl Z ddgZ eieГZ d Zd ДZdДZeeГZdДZdS( sSecurity related decoratorsi N(t decorator(tsecure_form(taborttredirect_to(t get_pylonstauthenticate_formthttpssЖCross-site request forgery detected, request denied. See http://en.wikipedia.org/wiki/Cross-site_request_forgery for more information.cCs/|itiГ}|dj o|tiГjS(N(tgetRt token_keytNonetauthentication_token(tparamstsubmitted_token((s</usr/lib/python2.6/site-packages/pylons/decorators/secure.pytauthenticated_forms cOsht|Гi}t|iГo|iti=|||ОStid||ifГt ddt ГdS(spDecorator for authenticating a form This decorator uses an authorization token stored in the client's session for prevention of certain Cross-site request forgery (CSRF) attacks (See http://en.wikipedia.org/wiki/Cross-site_request_forgery for more information). For use with the ``webhelpers.html.secure_form`` helper functions. sGCross-site request forgery detected, request denied: %r REMOTE_ADDR: %siУtdetailN(RtrequestR tPOSTRRtlogtwarntremote_addrRtcsrf_detected_message(tfunctargstkwargsR((s</usr/lib/python2.6/site-packages/pylons/decorators/secure.pyRs csЗЗfdЖ}t|ГS(s╓Decorator to redirect to the SSL version of a page if not currently using HTTPS. Takes as arguments the parameters to pass to redirect_to. (Specify no arguments necessary to redirect the current page). Apply this decorator to controller methods (actions). Non-https POST requests are aborted (405 response code) by this decorator. Example: .. code-block:: python @https('/pylons') # redirect to HTTPS /pylons def index(self): #... # redirect to HTTPS /auth/login @https(controller='auth', action='login') def login(self): #... @https() # redirect to HTTPS version of myself def get(self): #... csФt|Гi}|iiГdjo|||ОS|iiГdjo4dИds