к {иiЦСh≈dZddlmZddlmZmZddlmZddlm Z Gd└de╚Z Gd└d e╚Zy )z< Security Middleware for Cache Control and Security Headers И)зCallable)зRequestзResponse)зBaseHTTPMiddleware)зsettingscСB┤≈eZdZdZd dedef┬fd└ Zdededefd└Z ┬xZ S) зSecurityMiddlewarea├ Middleware to add security headers and prevent caching of sensitive information. Security headers added: - Cache-Control: Prevents caching - Pragma: Additional cache prevention (legacy support) - Expires: Ensures content expires immediately - Permissions-Policy: Controls browser permissions - Content-Security-Policy: Frame security (production only) зadd_cspзadd_permissions_policycС@∙≈t┴|█|╚||_||_y)N)зsuperз__init__r r)зselfзappr rз __class__s ─ЗU/var/www/html/hwPaymentPortal-be-dev/hw-payment-portal-api/src/middleware/security.pyrzSecurityMiddleware.__init__sЬ─э ┴я≤ть┬▄ь&<┬у#Сзrequestз call_nextзreturnc┐СxK≈||╚┐d{√≈├}d|jd<d|jd<d|jd<|jrd|jd <|jr"tjd k(rd|jd<d |jd<d|jd<d|jd<|S7▄╘ґw)z Add security headers to responseNЗ#no-cache, no-store, must-revalidateЗ Cache-ControlЗno-cacheзPragmaз0зExpiresz4camera=(), microphone=(), geolocation=(), payment=()ЗPermissions-Policyзprodzжframe-ancestors 'self' *.yourdomain.com; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'ЗContent-Security-Policyз SAMEORIGINzX-Frame-OptionsзnosniffzX-Content-Type-Optionsz 1; mode=blockzX-XSS-Protection)зheadersrr rзAPP_ENV╘rrrзresponses rзdispatchzSecurityMiddleware.dispatchsуХЬ─А"═7с+в+┬П-R┬вя≤я)ь%/┬вя≤я"ь&)┬вя≤я#Пв&р&ЮFП вяп1я2П ▐<┼<°Hв,я,╟р6П%П вяп6я7П/;┬вяп*я+П6?┬вяп1я2П0?┬вяп+я,Ю┬ПE,Зs┌B:▌B8▐B*B:)TT)з__name__з __module__з__qualname__з__doc__зboolrrrrr'з __classcell__)rs@rr r s5Ь└Я Я=═TП=х$У=П $═gП$╦(П$юxВ$rr cС$≈eZdZdZdededefd└Zy)зNoCacheMiddlewarez√ Simplified middleware focused only on preventing caching. Use this when you only need cache control without other security headers. rrrc┐СНK≈||╚┐d{√≈├}d|jd<d|jd<d|jd<d|jd <tjd k(rd|jd<|S7▄dґw) z(Add cache prevention headers to responseNrrrrrrzcamera=(), microphone=()rrz'frame-ancestors 'self' *.yourdomain.comr )r#rr$r%s rr'zNoCacheMiddleware.dispatchKs▄ХЬ─А"═7с+в+┬П-R┬вя≤я)ь%/┬вя≤я"ь&)┬вя≤я#П 'П вяп-я.Т вя≤vр%Ю9П вяп6я7П┬П%,Зs┌A5▌A3▐A%A5N)r(r)r*r+rrrr'╘rrr/r/Ds!└ЯП═gП╦(ПюxТrr/N)r+зtypingrзfastapirrзstarlette.middleware.baserзsrc.core.configrr r/r1rrЗr6s3ПЯУГ%щ8Е$Т5п+Т5Тpп*Уr