[{"data":1,"prerenderedAt":9326},["ShallowReactive",2],{"navigation":3,"/security/clickjacking-protection":1016,"/security/clickjacking-protection-surround":9321},[4,54,89,123,165,211,253,331,389,439,462,488,514,540,578,624,650,672,702,736,774,800,850,856,862,868,874,928],{"title":5,"path":6,"stem":7,"children":8},"Introduction and Foundations","/introduction-and-foundations","01.introduction-and-foundations/01.index",[9,10,14,18,22,26,30,34,38,42,46,50],{"title":5,"path":6,"stem":7},{"title":11,"path":12,"stem":13},"What is Django","/introduction-and-foundations/what-is-django","01.introduction-and-foundations/02.what-is-django",{"title":15,"path":16,"stem":17},"Key Concepts and Philosophy","/introduction-and-foundations/key-concepts-and-philosophy","01.introduction-and-foundations/03.key-concepts-and-philosophy",{"title":19,"path":20,"stem":21},"MVC vs MVT: Understanding Django's Architecture","/introduction-and-foundations/mvc-vs-mvt","01.introduction-and-foundations/04.mvc-vs-mvt",{"title":23,"path":24,"stem":25},"Project Structure Overview","/introduction-and-foundations/project-structure-overview","01.introduction-and-foundations/05.project-structure-overview",{"title":27,"path":28,"stem":29},"Installing Django","/introduction-and-foundations/installing-django","01.introduction-and-foundations/06.installing-django",{"title":31,"path":32,"stem":33},"Creating Your First Django Project","/introduction-and-foundations/creating-first-project","01.introduction-and-foundations/07.creating-first-project",{"title":35,"path":36,"stem":37},"Creating Your First Django App","/introduction-and-foundations/creating-first-app","01.introduction-and-foundations/08.creating-first-app",{"title":39,"path":40,"stem":41},"Your First Django \"Hello World\"","/introduction-and-foundations/hello-world","01.introduction-and-foundations/09.hello-world",{"title":43,"path":44,"stem":45},"Django Quick Start 
Guide","/introduction-and-foundations/quick-start-guide","01.introduction-and-foundations/10.quick-start-guide",{"title":47,"path":48,"stem":49},"How Django Handles Requests","/introduction-and-foundations/how-django-handles-requests","01.introduction-and-foundations/11.how-django-handles-requests",{"title":51,"path":52,"stem":53},"Django Settings","/introduction-and-foundations/django-settings","01.introduction-and-foundations/12.django-settings",{"title":55,"path":56,"stem":57,"children":58},"The Development Environment","/development-environment","02.development-environment/1.index",[59,61,65,69,73,77,81,85],{"title":60,"path":56,"stem":57},"Development Environment",{"title":62,"path":63,"stem":64},"Recommended Tooling for Django Development","/development-environment/recommended-tooling","02.development-environment/2.recommended-tooling",{"title":66,"path":67,"stem":68},"Virtual Environments","/development-environment/virtual-environments","02.development-environment/3.virtual-environments",{"title":70,"path":71,"stem":72},"Django Admin and Management Commands","/development-environment/admin-and-management-commands","02.development-environment/4.admin-and-management-commands",{"title":74,"path":75,"stem":76},"Django Project Settings","/development-environment/project-settings","02.development-environment/5.project-settings",{"title":78,"path":79,"stem":80},"Managing Django Environments: Local, Staging, and Production","/development-environment/environments-local-staging-production","02.development-environment/6.environments-local-staging-production",{"title":82,"path":83,"stem":84},"Running Django Development Server","/development-environment/running-development-server","02.development-environment/7.running-development-server",{"title":86,"path":87,"stem":88},"Working with Django Shell","/development-environment/working-with-shell","02.development-environment/8.working-with-shell",{"title":90,"path":91,"stem":92,"children":93},"Templates and Presentation 
Layer","/templates-and-presentation","03.templates-and-presentation/1.index",[94,95,99,103,107,111,115,119],{"title":90,"path":91,"stem":92},{"title":96,"path":97,"stem":98},"Introduction to Django Templates","/templates-and-presentation/introduction-to-templates","03.templates-and-presentation/2.introduction-to-templates",{"title":100,"path":101,"stem":102},"The Django Template Language","/templates-and-presentation/django-template-language","03.templates-and-presentation/3.django-template-language",{"title":104,"path":105,"stem":106},"Template Inheritance","/templates-and-presentation/template-inheritance","03.templates-and-presentation/4.template-inheritance",{"title":108,"path":109,"stem":110},"Built-in Template Tags and Filters","/templates-and-presentation/built-in-template-tags-and-filters","03.templates-and-presentation/5.built-in-template-tags-and-filters",{"title":112,"path":113,"stem":114},"Including Static Files","/templates-and-presentation/including-static-files","03.templates-and-presentation/6.including-static-files",{"title":116,"path":117,"stem":118},"Working with Media Files","/templates-and-presentation/working-with-media-files","03.templates-and-presentation/7.working-with-media-files",{"title":120,"path":121,"stem":122},"Using Alternative Template Engines","/templates-and-presentation/using-alternative-template-engines","03.templates-and-presentation/8.using-alternative-template-engines",{"title":124,"path":125,"stem":126,"children":127},"URLs and Views","/urls-and-views","04.urls-and-views/01.index",[128,129,133,137,141,145,149,153,157,161],{"title":124,"path":125,"stem":126},{"title":130,"path":131,"stem":132},"The URL Dispatcher","/urls-and-views/the-url-dispatcher","04.urls-and-views/02.the-url-dispatcher",{"title":134,"path":135,"stem":136},"Writing Function-Based Views","/urls-and-views/writing-function-based-views","04.urls-and-views/03.writing-function-based-views",{"title":138,"path":139,"stem":140},"View 
Decorators","/urls-and-views/view-decorators","04.urls-and-views/04.view-decorators",{"title":142,"path":143,"stem":144},"Rendering Responses","/urls-and-views/rendering-responses","04.urls-and-views/05.rendering-responses",{"title":146,"path":147,"stem":148},"Redirects","/urls-and-views/redirects","04.urls-and-views/06.redirects",{"title":150,"path":151,"stem":152},"Handling HTTP Methods","/urls-and-views/handling-http-methods","04.urls-and-views/07.handling-http-methods",{"title":154,"path":155,"stem":156},"Conditional View Processing","/urls-and-views/conditional-view-processing","04.urls-and-views/08.conditional-view-processing",{"title":158,"path":159,"stem":160},"File Uploads","/urls-and-views/file-uploads","04.urls-and-views/09.file-uploads",{"title":162,"path":163,"stem":164},"Using Django Shortcut Functions","/urls-and-views/using-django-shortcut-functions","04.urls-and-views/10.using-django-shortcut-functions",{"title":166,"path":167,"stem":168,"children":169},"Class Based Views","/class-based-views","05.class-based-views/01.index",[170,171,175,179,183,187,191,195,199,203,207],{"title":166,"path":167,"stem":168},{"title":172,"path":173,"stem":174},"Introduction to Class-Based Views","/class-based-views/introduction-to-class-based-views","05.class-based-views/02.introduction-to-class-based-views",{"title":176,"path":177,"stem":178},"Common Base Classes","/class-based-views/common-base-classes","05.class-based-views/03.common-base-classes",{"title":180,"path":181,"stem":182},"Built-in Generic Views","/class-based-views/built-in-generic-views","05.class-based-views/04.built-in-generic-views",{"title":184,"path":185,"stem":186},"Views for CRUD Operations","/class-based-views/views-for-crud-operations","05.class-based-views/05.views-for-crud-operations",{"title":188,"path":189,"stem":190},"Handling Forms with Class-Based 
Views","/class-based-views/handling-forms-with-class-based-views","05.class-based-views/06.handling-forms-with-class-based-views",{"title":192,"path":193,"stem":194},"Using Mixins","/class-based-views/using-mixins","05.class-based-views/07.using-mixins",{"title":196,"path":197,"stem":198},"URL Configuration with Class-Based Views","/class-based-views/url-configuration-with-class-based-views","05.class-based-views/08.url-configuration-with-class-based-views",{"title":200,"path":201,"stem":202},"Subclassing Generic Views","/class-based-views/subclassing-generic-views","05.class-based-views/09.subclassing-generic-views",{"title":204,"path":205,"stem":206},"Asynchronous Class-Based Views","/class-based-views/asynchronous-class-based-views","05.class-based-views/10.asynchronous-class-based-views",{"title":208,"path":209,"stem":210},"Pagination","/class-based-views/pagination","05.class-based-views/11.pagination",{"title":212,"path":213,"stem":214,"children":215},"Forms and User Input","/forms-and-user-input","06.forms-and-user-input/01.index",[216,217,221,225,229,233,237,241,245,249],{"title":212,"path":213,"stem":214},{"title":218,"path":219,"stem":220},"Understanding HTML Forms","/forms-and-user-input/understanding-html-forms","06.forms-and-user-input/02.understanding-html-forms",{"title":222,"path":223,"stem":224},"Django's Role in Form Handling","/forms-and-user-input/djangos-role-in-form-handling","06.forms-and-user-input/03.djangos-role-in-form-handling",{"title":226,"path":227,"stem":228},"Creating Forms with Forms API","/forms-and-user-input/creating-forms-with-forms-api","06.forms-and-user-input/04.creating-forms-with-forms-api",{"title":230,"path":231,"stem":232},"Form Validation","/forms-and-user-input/form-validation","06.forms-and-user-input/05.form-validation",{"title":234,"path":235,"stem":236},"Built-in Fields and 
Widgets","/forms-and-user-input/built-in-fields-and-widgets","06.forms-and-user-input/06.built-in-fields-and-widgets",{"title":238,"path":239,"stem":240},"Form Rendering in Templates","/forms-and-user-input/form-rendering-in-templates","06.forms-and-user-input/07.form-rendering-in-templates",{"title":242,"path":243,"stem":244},"Model Forms","/forms-and-user-input/model-forms","06.forms-and-user-input/08.model-forms",{"title":246,"path":247,"stem":248},"Advanced Form Techniques","/forms-and-user-input/advanced-form-techniques","06.forms-and-user-input/09.advanced-form-techniques",{"title":250,"path":251,"stem":252},"Security Considerations for Forms","/forms-and-user-input/security-considerations-for-forms","06.forms-and-user-input/10.security-considerations-for-forms",{"title":254,"path":255,"stem":256,"children":257},"Models and Databases","/models-and-databases","07.models-and-databases/01.index",[258,259,263,267,271,275,279,283,287,291,295,299,303,307,311,315,319,323,327],{"title":254,"path":255,"stem":256},{"title":260,"path":261,"stem":262},"Understanding Django Models","/models-and-databases/understanding-django-models","07.models-and-databases/02.understanding-django-models",{"title":264,"path":265,"stem":266},"Defining Fields","/models-and-databases/defining-fields","07.models-and-databases/03.defining-fields",{"title":268,"path":269,"stem":270},"Relationships and Foreign Keys","/models-and-databases/relationships-and-foreign-keys","07.models-and-databases/04.relationships-and-foreign-keys",{"title":272,"path":273,"stem":274},"Examples of Relationship Patterns","/models-and-databases/examples-of-relationship-patterns","07.models-and-databases/05.examples-of-relationship-patterns",{"title":276,"path":277,"stem":278},"Making Queries","/models-and-databases/making-queries","07.models-and-databases/06.making-queries",{"title":280,"path":281,"stem":282},"Filtering, Ordering, and 
Slicing","/models-and-databases/filtering-ordering-slicing","07.models-and-databases/07.filtering-ordering-slicing",{"title":284,"path":285,"stem":286},"Managers and QuerySets","/models-and-databases/managers-and-querysets","07.models-and-databases/08.managers-and-querysets",{"title":288,"path":289,"stem":290},"Aggregation","/models-and-databases/aggregation","07.models-and-databases/09.aggregation",{"title":292,"path":293,"stem":294},"Search","/models-and-databases/search","07.models-and-databases/10.search",{"title":296,"path":297,"stem":298},"Raw SQL Queries","/models-and-databases/raw-sql-queries","07.models-and-databases/11.raw-sql-queries",{"title":300,"path":301,"stem":302},"Transactions","/models-and-databases/transactions","07.models-and-databases/12.transactions",{"title":304,"path":305,"stem":306},"Multiple Databases","/models-and-databases/multiple-databases","07.models-and-databases/13.multiple-databases",{"title":308,"path":309,"stem":310},"Tablespaces","/models-and-databases/tablespaces","07.models-and-databases/14.tablespaces",{"title":312,"path":313,"stem":314},"Composite Primary Keys","/models-and-databases/composite-primary-keys","07.models-and-databases/15.composite-primary-keys",{"title":316,"path":317,"stem":318},"Database Instrumentation","/models-and-databases/database-instrumentation","07.models-and-databases/16.database-instrumentation",{"title":320,"path":321,"stem":322},"Database 
Optimization","/models-and-databases/database-optimization","07.models-and-databases/17.database-optimization",{"title":324,"path":325,"stem":326},"Fixtures","/models-and-databases/fixtures","07.models-and-databases/18.fixtures",{"title":328,"path":329,"stem":330},"Signals","/models-and-databases/signals","07.models-and-databases/19.signals",{"title":332,"path":333,"stem":334,"children":335},"Migrations","/migrations","08.migrations/01.index",[336,337,341,345,349,353,357,361,365,369,373,377,381,385],{"title":332,"path":333,"stem":334},{"title":338,"path":339,"stem":340},"How Migrations Work","/migrations/how-migrations-work","08.migrations/02.how-migrations-work",{"title":342,"path":343,"stem":344},"Management Commands","/migrations/management-commands","08.migrations/03.management-commands",{"title":346,"path":347,"stem":348},"Dependencies and Workflow","/migrations/dependencies-and-workflow","08.migrations/04.dependencies-and-workflow",{"title":350,"path":351,"stem":352},"Transaction Handling","/migrations/transaction-handling","08.migrations/05.transaction-handling",{"title":354,"path":355,"stem":356},"Adding Migrations to Apps","/migrations/adding-migrations-to-apps","08.migrations/06.adding-migrations-to-apps",{"title":358,"path":359,"stem":360},"Reversing Migrations","/migrations/reversing-migrations","08.migrations/07.reversing-migrations",{"title":362,"path":363,"stem":364},"Historical Models","/migrations/historical-models","08.migrations/08.historical-models",{"title":366,"path":367,"stem":368},"Considerations When Removing Fields","/migrations/considerations-when-removing-fields","08.migrations/09.considerations-when-removing-fields",{"title":370,"path":371,"stem":372},"Data Migrations","/migrations/data-migrations","08.migrations/10.data-migrations",{"title":374,"path":375,"stem":376},"Squashing Migrations","/migrations/squashing-migrations","08.migrations/11.squashing-migrations",{"title":378,"path":379,"stem":380},"Serializing 
Values","/migrations/serializing-values","08.migrations/12.serializing-values",{"title":382,"path":383,"stem":384},"Supporting Multiple Django Versions","/migrations/supporting-multiple-django-versions","08.migrations/13.supporting-multiple-django-versions",{"title":386,"path":387,"stem":388},"Django Serialization Framework","/migrations/django-serialization-framework","08.migrations/14.django-serialization-framework",{"title":390,"path":391,"stem":392,"children":393},"Authentication and Authorization","/authentication-and-authorization","09.authentication-and-authorization/01.index",[394,395,399,403,407,411,415,419,423,427,431,435],{"title":390,"path":391,"stem":392},{"title":396,"path":397,"stem":398},"Overview of Django's Authentication System","/authentication-and-authorization/overview-of-django-authentication-system","09.authentication-and-authorization/02.overview-of-django-authentication-system",{"title":400,"path":401,"stem":402},"Users and Groups","/authentication-and-authorization/users-and-groups","09.authentication-and-authorization/03.users-and-groups",{"title":404,"path":405,"stem":406},"Permissions","/authentication-and-authorization/permissions","09.authentication-and-authorization/04.permissions",{"title":408,"path":409,"stem":410},"Password Management","/authentication-and-authorization/password-management","09.authentication-and-authorization/05.password-management",{"title":412,"path":413,"stem":414},"Authentication Views","/authentication-and-authorization/authentication-views","09.authentication-and-authorization/06.authentication-views",{"title":416,"path":417,"stem":418},"Login and Logout","/authentication-and-authorization/login-and-logout","09.authentication-and-authorization/07.login-and-logout",{"title":420,"path":421,"stem":422},"Custom User Models","/authentication-and-authorization/custom-user-models","09.authentication-and-authorization/08.custom-user-models",{"title":424,"path":425,"stem":426},"Middleware for 
Authentication","/authentication-and-authorization/middleware-for-authentication","09.authentication-and-authorization/09.middleware-for-authentication",{"title":428,"path":429,"stem":430},"Authorization in Views and Templates","/authentication-and-authorization/authorization-in-views-and-templates","09.authentication-and-authorization/10.authorization-in-views-and-templates",{"title":432,"path":433,"stem":434},"Integrating Social Authentication","/authentication-and-authorization/integrating-social-authentication","09.authentication-and-authorization/11.integrating-social-authentication",{"title":436,"path":437,"stem":438},"Security Best Practices","/authentication-and-authorization/security-best-practices","09.authentication-and-authorization/12.security-best-practices",{"title":440,"path":441,"stem":442,"children":443},"Sessions, Cookies, and State","/sessions-cookies-state","10.sessions-cookies-state/01.index",[444,446,450,454,458],{"title":445,"path":441,"stem":442},"Sessions, Cookies, and State Management",{"title":447,"path":448,"stem":449},"Introduction to Sessions","/sessions-cookies-state/introduction-to-sessions","10.sessions-cookies-state/02.introduction-to-sessions",{"title":451,"path":452,"stem":453},"Working with Cookies","/sessions-cookies-state/working-with-cookies","10.sessions-cookies-state/03.working-with-cookies",{"title":455,"path":456,"stem":457},"Server-Side Session Storage Options","/sessions-cookies-state/server-side-session-storage-options","10.sessions-cookies-state/04.server-side-session-storage-options",{"title":459,"path":460,"stem":461},"Session Security","/sessions-cookies-state/session-security","10.sessions-cookies-state/05.session-security",{"title":463,"path":464,"stem":465,"children":466},"Working with Files","/working-with-files","11.working-with-files/01.index",[467,468,472,476,480,484],{"title":463,"path":464,"stem":465},{"title":469,"path":470,"stem":471},"Files in 
Models","/working-with-files/files-in-models","11.working-with-files/02.files-in-models",{"title":473,"path":474,"stem":475},"The File Object","/working-with-files/the-file-object","11.working-with-files/03.the-file-object",{"title":477,"path":478,"stem":479},"Storage Backends","/working-with-files/storage-backends","11.working-with-files/04.storage-backends",{"title":481,"path":482,"stem":483},"Using Cloud Storage Providers","/working-with-files/using-cloud-storage-providers","11.working-with-files/05.using-cloud-storage-providers",{"title":485,"path":486,"stem":487},"Managing Media in Production","/working-with-files/managing-media-in-production","11.working-with-files/06.managing-media-in-production",{"title":489,"path":490,"stem":491,"children":492},"Admin Site","/admin-site","12.admin-site/01.index",[493,494,498,502,506,510],{"title":489,"path":490,"stem":491},{"title":495,"path":496,"stem":497},"Enabling the Admin","/admin-site/enabling-the-admin","12.admin-site/02.enabling-the-admin",{"title":499,"path":500,"stem":501},"Registering Models","/admin-site/registering-models","12.admin-site/03.registering-models",{"title":503,"path":504,"stem":505},"Customizing Admin Display","/admin-site/customizing-admin-display","12.admin-site/04.customizing-admin-display",{"title":507,"path":508,"stem":509},"Admin Actions","/admin-site/admin-actions","12.admin-site/05.admin-actions",{"title":511,"path":512,"stem":513},"Admin Security Best Practices","/admin-site/admin-security-best-practices","12.admin-site/06.admin-security-best-practices",{"title":515,"path":516,"stem":517,"children":518},"Middleware","/middleware","13.middleware/01.index",[519,520,524,528,532,536],{"title":515,"path":516,"stem":517},{"title":521,"path":522,"stem":523},"Middleware Overview","/middleware/middleware-overview","13.middleware/02.middleware-overview",{"title":525,"path":526,"stem":527},"Built-in 
Middleware","/middleware/built-in-middleware","13.middleware/03.built-in-middleware",{"title":529,"path":530,"stem":531},"Creating Custom Middleware","/middleware/creating-custom-middleware","13.middleware/04.creating-custom-middleware",{"title":533,"path":534,"stem":535},"Middleware Ordering","/middleware/middleware-ordering","13.middleware/05.middleware-ordering",{"title":537,"path":538,"stem":539},"Performance and Debugging","/middleware/performance-and-debugging","13.middleware/06.performance-and-debugging",{"title":541,"path":542,"stem":543,"children":544},"Security","/security","14.security/01.index",[545,546,550,554,558,562,566,570,574],{"title":541,"path":542,"stem":543},{"title":547,"path":548,"stem":549},"Django Security Philosophy","/security/django-security-philosophy","14.security/02.django-security-philosophy",{"title":551,"path":552,"stem":553},"Cross Site Request Forgery","/security/cross-site-request-forgery","14.security/03.cross-site-request-forgery",{"title":555,"path":556,"stem":557},"Cross Site Scripting","/security/cross-site-scripting","14.security/04.cross-site-scripting",{"title":559,"path":560,"stem":561},"SQL Injection Protection","/security/sql-injection-protection","14.security/05.sql-injection-protection",{"title":563,"path":564,"stem":565},"Clickjacking Protection","/security/clickjacking-protection","14.security/06.clickjacking-protection",{"title":567,"path":568,"stem":569},"HTTPS Setup and HSTS","/security/https-setup-and-hsts","14.security/07.https-setup-and-hsts",{"title":571,"path":572,"stem":573},"Password Storage and Cryptography","/security/password-storage-and-cryptography","14.security/08.password-storage-and-cryptography",{"title":575,"path":576,"stem":577},"Secure Deployment 
Checklist","/security/secure-deployment-checklist","14.security/09.secure-deployment-checklist",{"title":579,"path":580,"stem":581,"children":582},"Testing","/testing","15.testing/01.index",[583,584,588,592,596,600,604,608,612,616,620],{"title":579,"path":580,"stem":581},{"title":585,"path":586,"stem":587},"Introduction to Django Testing","/testing/introduction-to-django-testing","15.testing/02.introduction-to-django-testing",{"title":589,"path":590,"stem":591},"Writing and Running Tests","/testing/writing-and-running-tests","15.testing/03.writing-and-running-tests",{"title":593,"path":594,"stem":595},"Test Tools","/testing/test-tools","15.testing/04.test-tools",{"title":597,"path":598,"stem":599},"Testing Models","/testing/testing-models","15.testing/05.testing-models",{"title":601,"path":602,"stem":603},"Testing Views","/testing/testing-views","15.testing/06.testing-views",{"title":605,"path":606,"stem":607},"Testing Forms","/testing/testing-forms","15.testing/07.testing-forms",{"title":609,"path":610,"stem":611},"Testing Templates","/testing/testing-templates","15.testing/08.testing-templates",{"title":613,"path":614,"stem":615},"Testing Authentication","/testing/testing-authentication","15.testing/09.testing-authentication",{"title":617,"path":618,"stem":619},"Advanced Testing Topics","/testing/advanced-testing-topics","15.testing/10.advanced-testing-topics",{"title":621,"path":622,"stem":623},"Performance Testing","/testing/performance-testing","15.testing/11.performance-testing",{"title":625,"path":626,"stem":627,"children":628},"Static Assets and Frontend Integration","/static-assets-and-frontend-integration","16.static-assets-and-frontend-integration/01.index",[629,630,634,638,642,646],{"title":625,"path":626,"stem":627},{"title":631,"path":632,"stem":633},"Working with Static 
Files","/static-assets-and-frontend-integration/working-with-static-files","16.static-assets-and-frontend-integration/02.working-with-static-files",{"title":635,"path":636,"stem":637},"Integrating CSS and JavaScript","/static-assets-and-frontend-integration/integrating-css-and-javascript","16.static-assets-and-frontend-integration/03.integrating-css-and-javascript",{"title":639,"path":640,"stem":641},"Using Build Tools like Vite or Webpack","/static-assets-and-frontend-integration/using-build-tools-like-vite-or-webpack","16.static-assets-and-frontend-integration/04.using-build-tools-like-vite-or-webpack",{"title":643,"path":644,"stem":645},"Using React or Vue with Django","/static-assets-and-frontend-integration/using-react-or-vue-with-django","16.static-assets-and-frontend-integration/05.using-react-or-vue-with-django",{"title":647,"path":648,"stem":649},"Managing CORS","/static-assets-and-frontend-integration/managing-cors","16.static-assets-and-frontend-integration/06.managing-cors",{"title":651,"path":652,"stem":653,"children":654},"Internationalization and Localization","/internationalization-and-localization","17.internationalization-and-localization/01.index",[655,656,660,664,668],{"title":651,"path":652,"stem":653},{"title":657,"path":658,"stem":659},"Enabling Translation","/internationalization-and-localization/enabling-translation","17.internationalization-and-localization/02.enabling-translation",{"title":661,"path":662,"stem":663},"Translating Text in Code and Templates","/internationalization-and-localization/translating-text-in-code-and-templates","17.internationalization-and-localization/03.translating-text-in-code-and-templates",{"title":665,"path":666,"stem":667},"Timezone Support","/internationalization-and-localization/timezone-support","17.internationalization-and-localization/04.timezone-support",{"title":669,"path":670,"stem":671},"Locale 
Middleware","/internationalization-and-localization/locale-middleware","17.internationalization-and-localization/05.locale-middleware",{"title":673,"path":674,"stem":675,"children":676},"Caching","/caching","18.caching/01.index",[677,678,682,686,690,694,698],{"title":673,"path":674,"stem":675},{"title":679,"path":680,"stem":681},"Introduction to Caching","/caching/introduction-to-caching","18.caching/02.introduction-to-caching",{"title":683,"path":684,"stem":685},"Cache Backends","/caching/cache-backends","18.caching/03.cache-backends",{"title":687,"path":688,"stem":689},"Per View Caching","/caching/per-view-caching","18.caching/04.per-view-caching",{"title":691,"path":692,"stem":693},"Low Level Cache API","/caching/low-level-cache-api","18.caching/05.low-level-cache-api",{"title":695,"path":696,"stem":697},"Template Fragment Caching","/caching/template-fragment-caching","18.caching/06.template-fragment-caching",{"title":699,"path":700,"stem":701},"Deployment Level Caching Patterns","/caching/deployment-level-caching-patterns","18.caching/07.deployment-level-caching-patterns",{"title":703,"path":704,"stem":705,"children":706},"Asynchronous Django","/asynchronous-django","19.asynchronous-django/01.index",[707,708,712,716,720,724,728,732],{"title":703,"path":704,"stem":705},{"title":709,"path":710,"stem":711},"Introduction to ASGI","/asynchronous-django/introduction-to-asgi","19.asynchronous-django/02.introduction-to-asgi",{"title":713,"path":714,"stem":715},"Async Views","/asynchronous-django/async-views","19.asynchronous-django/03.async-views",{"title":717,"path":718,"stem":719},"Async ORM Status","/asynchronous-django/async-orm-status","19.asynchronous-django/04.async-orm-status",{"title":721,"path":722,"stem":723},"WebSockets with Channels","/asynchronous-django/websockets-with-channels","19.asynchronous-django/05.websockets-with-channels",{"title":725,"path":726,"stem":727},"Background Tasks with Celery or 
RQ","/asynchronous-django/background-tasks-with-celery-or-rq","19.asynchronous-django/06.background-tasks-with-celery-or-rq",{"title":729,"path":730,"stem":731},"Asynchronous Support","/asynchronous-django/asynchronous-support","19.asynchronous-django/07.asynchronous-support",{"title":733,"path":734,"stem":735},"Django's Tasks Framework","/asynchronous-django/django-tasks-framework","19.asynchronous-django/08.django-tasks-framework",{"title":737,"path":738,"stem":739,"children":740},"Deployment","/deployment","20.deployment/01.index",[741,742,746,750,754,758,762,766,770],{"title":737,"path":738,"stem":739},{"title":743,"path":744,"stem":745},"Preparing for Production","/deployment/preparing-for-production","20.deployment/02.preparing-for-production",{"title":747,"path":748,"stem":749},"Using WSGI and ASGI Servers","/deployment/using-wsgi-and-asgi-servers","20.deployment/03.using-wsgi-and-asgi-servers",{"title":751,"path":752,"stem":753},"Deploying on Linux Servers","/deployment/deploying-on-linux-servers","20.deployment/04.deploying-on-linux-servers",{"title":755,"path":756,"stem":757},"Using Docker","/deployment/using-docker","20.deployment/05.using-docker",{"title":759,"path":760,"stem":761},"Cloud Deployment Guides","/deployment/cloud-deployment-guides","20.deployment/06.cloud-deployment-guides",{"title":763,"path":764,"stem":765},"Scaling and Load Balancing","/deployment/scaling-and-load-balancing","20.deployment/07.scaling-and-load-balancing",{"title":767,"path":768,"stem":769},"Monitoring and Logging","/deployment/monitoring-and-logging","20.deployment/08.monitoring-and-logging",{"title":771,"path":772,"stem":773},"Backup Strategies","/deployment/backup-strategies","20.deployment/09.backup-strategies",{"title":775,"path":776,"stem":777,"children":778},"Performance and Optimization","/performance-and-optimization","21.performance-and-optimization/01.index",[779,780,784,788,792,796],{"title":775,"path":776,"stem":777},{"title":781,"path":782,"stem":783},"Query 
Optimization","/performance-and-optimization/query-optimization","21.performance-and-optimization/02.query-optimization",{"title":785,"path":786,"stem":787},"Template Rendering Optimization","/performance-and-optimization/template-rendering-optimization","21.performance-and-optimization/03.template-rendering-optimization",{"title":789,"path":790,"stem":791},"Using Select Related and Prefetch Related","/performance-and-optimization/using-select-related-and-prefetch-related","21.performance-and-optimization/04.using-select-related-and-prefetch-related",{"title":793,"path":794,"stem":795},"Caching Strategies","/performance-and-optimization/caching-strategies","21.performance-and-optimization/05.caching-strategies",{"title":797,"path":798,"stem":799},"Profiling Django Apps","/performance-and-optimization/profiling-django-apps","21.performance-and-optimization/06.profiling-django-apps",{"title":801,"path":802,"stem":803,"children":804},"Advanced and Expert Topics","/advanced-and-expert-topics","22.advanced-and-expert-topics/01.index",[805,806,810,814,818,822,826,830,834,838,842,846],{"title":801,"path":802,"stem":803},{"title":807,"path":808,"stem":809},"System Architecture Patterns","/advanced-and-expert-topics/system-architecture-patterns","22.advanced-and-expert-topics/02.system-architecture-patterns",{"title":811,"path":812,"stem":813},"Domain Driven Design with Django","/advanced-and-expert-topics/domain-driven-design-with-django","22.advanced-and-expert-topics/03.domain-driven-design-with-django",{"title":815,"path":816,"stem":817},"Building Large Scale Django Projects","/advanced-and-expert-topics/building-large-scale-django-projects","22.advanced-and-expert-topics/04.building-large-scale-django-projects",{"title":819,"path":820,"stem":821},"Plugin Architectures for Django Apps","/advanced-and-expert-topics/plugin-architectures-for-django-apps","22.advanced-and-expert-topics/05.plugin-architectures-for-django-apps",{"title":823,"path":824,"stem":825},"Extending 
Django's Core","/advanced-and-expert-topics/extending-djangos-core","22.advanced-and-expert-topics/06.extending-djangos-core",{"title":827,"path":828,"stem":829},"Custom ORM Expressions","/advanced-and-expert-topics/custom-orm-expressions","22.advanced-and-expert-topics/07.custom-orm-expressions",{"title":831,"path":832,"stem":833},"Custom Management Commands","/advanced-and-expert-topics/custom-management-commands","22.advanced-and-expert-topics/08.custom-management-commands",{"title":835,"path":836,"stem":837},"Working with Signals","/advanced-and-expert-topics/working-with-signals","22.advanced-and-expert-topics/09.working-with-signals",{"title":839,"path":840,"stem":841},"Building Reusable Django Packages","/advanced-and-expert-topics/building-reusable-django-packages","22.advanced-and-expert-topics/10.building-reusable-django-packages",{"title":843,"path":844,"stem":845},"Integrating Microservices","/advanced-and-expert-topics/integrating-microservices","22.advanced-and-expert-topics/11.integrating-microservices",{"title":847,"path":848,"stem":849},"Advanced Security Hardening","/advanced-and-expert-topics/advanced-security-hardening","22.advanced-and-expert-topics/12.advanced-security-hardening",{"title":851,"path":852,"stem":853,"children":854},"Logging in Django","/logging-in-django","23.logging-in-django/01.index",[855],{"title":851,"path":852,"stem":853},{"title":857,"path":858,"stem":859,"children":860},"FAQ and Troubleshooting","/faq-and-troubleshooting","24.faq-and-troubleshooting/01.index",[861],{"title":857,"path":858,"stem":859},{"title":863,"path":864,"stem":865,"children":866},"External Packages and Ecosystem","/external-packages-and-ecosystem","25.external-packages-and-ecosystem/01.index",[867],{"title":863,"path":864,"stem":865},{"title":869,"path":870,"stem":871,"children":872},"Django Internals and 
Contributing","/django-internals-and-contributing","26.django-internals-and-contributing/01.index",[873],{"title":869,"path":870,"stem":871},{"title":875,"path":876,"stem":877,"children":878},"Microservices with Django","/microservices-with-django","27.microservices-with-django/01.index",[879,880,884,888,892,896,900,904,908,912,916,920,924],{"title":875,"path":876,"stem":877},{"title":881,"path":882,"stem":883},"What Is a Microservice?","/microservices-with-django/what-is-a-microservice","27.microservices-with-django/02.what-is-a-microservice",{"title":885,"path":886,"stem":887},"Introducing the Django Microservices Architecture","/microservices-with-django/django-microservices-architecture","27.microservices-with-django/03.django-microservices-architecture",{"title":889,"path":890,"stem":891},"Setting Up the Development and Runtime Environment","/microservices-with-django/development-environment","27.microservices-with-django/04.development-environment",{"title":893,"path":894,"stem":895},"Cloud-native Data Processing with MongoDB","/microservices-with-django/cloud-native-data-processing","27.microservices-with-django/05.cloud-native-data-processing",{"title":897,"path":898,"stem":899},"Creating RESTful APIs for Microservices","/microservices-with-django/restful-apis","27.microservices-with-django/06.restful-apis",{"title":901,"path":902,"stem":903},"Orchestrating Microservices with Celery and RabbitMQ","/microservices-with-django/orchestrating-celery-rabbitmq","27.microservices-with-django/07.orchestrating-celery-rabbitmq",{"title":905,"path":906,"stem":907},"Testing Microservices","/microservices-with-django/testing-microservices","27.microservices-with-django/08.testing-microservices",{"title":909,"path":910,"stem":911},"Deploying Microservices","/microservices-with-django/deploying-microservices","27.microservices-with-django/09.deploying-microservices",{"title":913,"path":914,"stem":915},"Securing 
Microservices","/microservices-with-django/securing-microservices","27.microservices-with-django/10.securing-microservices",{"title":917,"path":918,"stem":919},"Improving Microservices Performance with Caching","/microservices-with-django/performance-caching","27.microservices-with-django/11.performance-caching",{"title":921,"path":922,"stem":923},"Best Practices","/microservices-with-django/best-practices","27.microservices-with-django/12.best-practices",{"title":925,"path":926,"stem":927},"Transforming a Monolithic Web App into a Microservice version","/microservices-with-django/monolith-to-microservices","27.microservices-with-django/13.monolith-to-microservices",{"title":929,"path":930,"stem":931,"children":932},"Releases","/releases","releases",[933,936,940,944,948,952,956,960,964,968,972,976,980,984,988,992,996,1000,1004,1008,1012],{"title":934,"path":930,"stem":935},"Django Releases","releases/index",{"title":937,"path":938,"stem":939},"Django 5.1.10 release notes","/releases/5.1.10","releases/5.1.10",{"title":941,"path":942,"stem":943},"Django 5.1.11 release notes","/releases/5.1.11","releases/5.1.11",{"title":945,"path":946,"stem":947},"Django 5.1.12 release notes","/releases/5.1.12","releases/5.1.12",{"title":949,"path":950,"stem":951},"Django 5.1.13 release notes","/releases/5.1.13","releases/5.1.13",{"title":953,"path":954,"stem":955},"Django 5.1.14 release notes","/releases/5.1.14","releases/5.1.14",{"title":957,"path":958,"stem":959},"Django 5.1.15 release notes","/releases/5.1.15","releases/5.1.15",{"title":961,"path":962,"stem":963},"Django 5.2 release notes","/releases/5.2","releases/5.2",{"title":965,"path":966,"stem":967},"Django 5.2.1 release notes","/releases/5.2.1","releases/5.2.1",{"title":969,"path":970,"stem":971},"Django 5.2.10 release notes","/releases/5.2.10","releases/5.2.10",{"title":973,"path":974,"stem":975},"Django 5.2.2 release notes","/releases/5.2.2","releases/5.2.2",{"title":977,"path":978,"stem":979},"Django 5.2.3 release 
notes","/releases/5.2.3","releases/5.2.3",{"title":981,"path":982,"stem":983},"Django 5.2.4 release notes","/releases/5.2.4","releases/5.2.4",{"title":985,"path":986,"stem":987},"Django 5.2.5 release notes","/releases/5.2.5","releases/5.2.5",{"title":989,"path":990,"stem":991},"Django 5.2.6 release notes","/releases/5.2.6","releases/5.2.6",{"title":993,"path":994,"stem":995},"Django 5.2.7 release notes","/releases/5.2.7","releases/5.2.7",{"title":997,"path":998,"stem":999},"Django 5.2.8 release notes","/releases/5.2.8","releases/5.2.8",{"title":1001,"path":1002,"stem":1003},"Django 5.2.9 release notes","/releases/5.2.9","releases/5.2.9",{"title":1005,"path":1006,"stem":1007},"Django 6.0 release notes","/releases/6.0","releases/6.0",{"title":1009,"path":1010,"stem":1011},"Django 6.0.1 release notes","/releases/6.0.1","releases/6.0.1",{"title":1013,"path":1014,"stem":1015},"Django 6.1 release notes - UNDER DEVELOPMENT","/releases/6.1","releases/6.1",{"id":1017,"title":563,"body":1018,"description":1028,"extension":9316,"links":9317,"meta":9318,"navigation":1740,"path":564,"seo":9319,"stem":565,"__hash__":9320},"docs/14.security/06.clickjacking-protection.md",{"type":1019,"value":1020,"toc":9283},"minimark",[1021,1025,1029,1034,1039,1720,1724,1858,1862,1866,1869,1960,1964,2223,2227,2931,2935,2939,2942,3732,3736,4419,4423,4427,5515,5519,6638,6642,6646,7171,7175,8062,8066,8070,9195,9199,9203,9219,9223,9237,9241,9255,9259,9273,9277,9280],[1022,1023,563],"h1",{"id":1024},"clickjacking-protection",[1026,1027,1028],"p",{},"Clickjacking is a malicious technique where attackers trick users into clicking on something different from what they perceive, potentially leading to unauthorized actions. 
Django provides built-in protection against clickjacking attacks through frame options and Content Security Policy headers.",[1030,1031,1033],"h2",{"id":1032},"understanding-clickjacking-attacks","Understanding Clickjacking Attacks",[1035,1036,1038],"h3",{"id":1037},"how-clickjacking-works","How Clickjacking Works",[1040,1041,1046],"pre",{"className":1042,"code":1043,"language":1044,"meta":1045,"style":1045},"language-html shiki shiki-themes material-theme-lighter vitesse-light vitesse-dark","\u003C!-- Malicious website example -->\n\u003C!DOCTYPE html>\n\u003Chtml>\n\u003Chead>\n    \u003Ctitle>Win a Free iPhone!\u003C/title>\n    \u003Cstyle>\n        .overlay {\n            position: absolute;\n            top: 0;\n            left: 0;\n            width: 100%;\n            height: 100%;\n            z-index: 1000;\n            opacity: 0; /* Invisible overlay */\n        }\n        \n        .fake-button {\n            position: absolute;\n            top: 200px;\n            left: 300px;\n            width: 200px;\n            height: 50px;\n            background: red;\n            color: white;\n            text-align: center;\n            line-height: 50px;\n            cursor: pointer;\n        }\n        \n        .hidden-iframe {\n            position: absolute;\n            top: 150px; /* Positioned so real button aligns with fake button */\n            left: 250px;\n            width: 300px;\n            height: 100px;\n            opacity: 0.01; /* Nearly invisible but still functional */\n            z-index: 999;\n        }\n    \u003C/style>\n\u003C/head>\n\u003Cbody>\n    \u003Ch1>Congratulations! 
You've won a free iPhone!\u003C/h1>\n    \u003Cp>Click the button below to claim your prize:\u003C/p>\n    \n    \u003C!-- Fake button that user sees -->\n    \u003Cdiv class=\"fake-button\">Claim Prize!\u003C/div>\n    \n    \u003C!-- Hidden iframe containing the real application -->\n    \u003Ciframe src=\"https://yourapp.com/delete-account/\" \n            class=\"hidden-iframe\">\n    \u003C/iframe>\n    \n    \u003C!-- User thinks they're clicking \"Claim Prize\" but actually clicking \"Delete Account\" -->\n\u003C/body>\n\u003C/html>\n","html","",[1047,1048,1049,1058,1076,1086,1096,1119,1129,1142,1159,1173,1185,1202,1216,1229,1245,1251,1257,1267,1278,1293,1307,1320,1334,1347,1360,1373,1387,1400,1405,1410,1420,1431,1448,1462,1475,1488,1503,1515,1520,1530,1539,1549,1567,1585,1591,1597,1631,1636,1642,1666,1682,1691,1696,1702,1711],"code",{"__ignoreMap":1045},[1050,1051,1054],"span",{"class":1052,"line":1053},"line",1,[1050,1055,1057],{"class":1056},"s9Tkl","\u003C!-- Malicious website example -->\n",[1050,1059,1061,1065,1069,1073],{"class":1052,"line":1060},2,[1050,1062,1064],{"class":1063},"soVBu","\u003C!",[1050,1066,1068],{"class":1067},"sJFLg","DOCTYPE",[1050,1070,1072],{"class":1071},"s5q8q"," html",[1050,1074,1075],{"class":1063},">\n",[1050,1077,1079,1082,1084],{"class":1052,"line":1078},3,[1050,1080,1081],{"class":1063},"\u003C",[1050,1083,1044],{"class":1067},[1050,1085,1075],{"class":1063},[1050,1087,1089,1091,1094],{"class":1052,"line":1088},4,[1050,1090,1081],{"class":1063},[1050,1092,1093],{"class":1067},"head",[1050,1095,1075],{"class":1063},[1050,1097,1099,1102,1105,1108,1112,1115,1117],{"class":1052,"line":1098},5,[1050,1100,1101],{"class":1063},"    \u003C",[1050,1103,1104],{"class":1067},"title",[1050,1106,1107],{"class":1063},">",[1050,1109,1111],{"class":1110},"sftqT","Win a Free 
iPhone!",[1050,1113,1114],{"class":1063},"\u003C/",[1050,1116,1104],{"class":1067},[1050,1118,1075],{"class":1063},[1050,1120,1122,1124,1127],{"class":1052,"line":1121},6,[1050,1123,1101],{"class":1063},[1050,1125,1126],{"class":1067},"style",[1050,1128,1075],{"class":1063},[1050,1130,1132,1135,1139],{"class":1052,"line":1131},7,[1050,1133,1134],{"class":1063},"        .",[1050,1136,1138],{"class":1137},"sKL33","overlay",[1050,1140,1141],{"class":1063}," {\n",[1050,1143,1145,1149,1152,1156],{"class":1052,"line":1144},8,[1050,1146,1148],{"class":1147},"s5HLA","            position",[1050,1150,1151],{"class":1063},":",[1050,1153,1155],{"class":1154},"se3Ec"," absolute",[1050,1157,1158],{"class":1063},";\n",[1050,1160,1162,1165,1167,1171],{"class":1052,"line":1161},9,[1050,1163,1164],{"class":1147},"            top",[1050,1166,1151],{"class":1063},[1050,1168,1170],{"class":1169},"s7CZa"," 0",[1050,1172,1158],{"class":1063},[1050,1174,1176,1179,1181,1183],{"class":1052,"line":1175},10,[1050,1177,1178],{"class":1147},"            left",[1050,1180,1151],{"class":1063},[1050,1182,1170],{"class":1169},[1050,1184,1158],{"class":1063},[1050,1186,1188,1191,1193,1196,1200],{"class":1052,"line":1187},11,[1050,1189,1190],{"class":1147},"            width",[1050,1192,1151],{"class":1063},[1050,1194,1195],{"class":1169}," 100",[1050,1197,1199],{"class":1198},"sQBxk","%",[1050,1201,1158],{"class":1063},[1050,1203,1205,1208,1210,1212,1214],{"class":1052,"line":1204},12,[1050,1206,1207],{"class":1147},"            height",[1050,1209,1151],{"class":1063},[1050,1211,1195],{"class":1169},[1050,1213,1199],{"class":1198},[1050,1215,1158],{"class":1063},[1050,1217,1219,1222,1224,1227],{"class":1052,"line":1218},13,[1050,1220,1221],{"class":1147},"            z-index",[1050,1223,1151],{"class":1063},[1050,1225,1226],{"class":1169}," 1000",[1050,1228,1158],{"class":1063},[1050,1230,1232,1235,1237,1239,1242],{"class":1052,"line":1231},14,[1050,1233,1234],{"class":1147},"            
opacity",[1050,1236,1151],{"class":1063},[1050,1238,1170],{"class":1169},[1050,1240,1241],{"class":1063},";",[1050,1243,1244],{"class":1056}," /* Invisible overlay */\n",[1050,1246,1248],{"class":1052,"line":1247},15,[1050,1249,1250],{"class":1063},"        }\n",[1050,1252,1254],{"class":1052,"line":1253},16,[1050,1255,1256],{"class":1110},"        \n",[1050,1258,1260,1262,1265],{"class":1052,"line":1259},17,[1050,1261,1134],{"class":1063},[1050,1263,1264],{"class":1137},"fake-button",[1050,1266,1141],{"class":1063},[1050,1268,1270,1272,1274,1276],{"class":1052,"line":1269},18,[1050,1271,1148],{"class":1147},[1050,1273,1151],{"class":1063},[1050,1275,1155],{"class":1154},[1050,1277,1158],{"class":1063},[1050,1279,1281,1283,1285,1288,1291],{"class":1052,"line":1280},19,[1050,1282,1164],{"class":1147},[1050,1284,1151],{"class":1063},[1050,1286,1287],{"class":1169}," 200",[1050,1289,1290],{"class":1198},"px",[1050,1292,1158],{"class":1063},[1050,1294,1296,1298,1300,1303,1305],{"class":1052,"line":1295},20,[1050,1297,1178],{"class":1147},[1050,1299,1151],{"class":1063},[1050,1301,1302],{"class":1169}," 300",[1050,1304,1290],{"class":1198},[1050,1306,1158],{"class":1063},[1050,1308,1310,1312,1314,1316,1318],{"class":1052,"line":1309},21,[1050,1311,1190],{"class":1147},[1050,1313,1151],{"class":1063},[1050,1315,1287],{"class":1169},[1050,1317,1290],{"class":1198},[1050,1319,1158],{"class":1063},[1050,1321,1323,1325,1327,1330,1332],{"class":1052,"line":1322},22,[1050,1324,1207],{"class":1147},[1050,1326,1151],{"class":1063},[1050,1328,1329],{"class":1169}," 50",[1050,1331,1290],{"class":1198},[1050,1333,1158],{"class":1063},[1050,1335,1337,1340,1342,1345],{"class":1052,"line":1336},23,[1050,1338,1339],{"class":1147},"            background",[1050,1341,1151],{"class":1063},[1050,1343,1344],{"class":1154}," red",[1050,1346,1158],{"class":1063},[1050,1348,1350,1353,1355,1358],{"class":1052,"line":1349},24,[1050,1351,1352],{"class":1147},"            
color",[1050,1354,1151],{"class":1063},[1050,1356,1357],{"class":1154}," white",[1050,1359,1158],{"class":1063},[1050,1361,1363,1366,1368,1371],{"class":1052,"line":1362},25,[1050,1364,1365],{"class":1147},"            text-align",[1050,1367,1151],{"class":1063},[1050,1369,1370],{"class":1154}," center",[1050,1372,1158],{"class":1063},[1050,1374,1376,1379,1381,1383,1385],{"class":1052,"line":1375},26,[1050,1377,1378],{"class":1147},"            line-height",[1050,1380,1151],{"class":1063},[1050,1382,1329],{"class":1169},[1050,1384,1290],{"class":1198},[1050,1386,1158],{"class":1063},[1050,1388,1390,1393,1395,1398],{"class":1052,"line":1389},27,[1050,1391,1392],{"class":1147},"            cursor",[1050,1394,1151],{"class":1063},[1050,1396,1397],{"class":1154}," pointer",[1050,1399,1158],{"class":1063},[1050,1401,1403],{"class":1052,"line":1402},28,[1050,1404,1250],{"class":1063},[1050,1406,1408],{"class":1052,"line":1407},29,[1050,1409,1256],{"class":1110},[1050,1411,1413,1415,1418],{"class":1052,"line":1412},30,[1050,1414,1134],{"class":1063},[1050,1416,1417],{"class":1137},"hidden-iframe",[1050,1419,1141],{"class":1063},[1050,1421,1423,1425,1427,1429],{"class":1052,"line":1422},31,[1050,1424,1148],{"class":1147},[1050,1426,1151],{"class":1063},[1050,1428,1155],{"class":1154},[1050,1430,1158],{"class":1063},[1050,1432,1434,1436,1438,1441,1443,1445],{"class":1052,"line":1433},32,[1050,1435,1164],{"class":1147},[1050,1437,1151],{"class":1063},[1050,1439,1440],{"class":1169}," 150",[1050,1442,1290],{"class":1198},[1050,1444,1241],{"class":1063},[1050,1446,1447],{"class":1056}," /* Positioned so real button aligns with fake button */\n",[1050,1449,1451,1453,1455,1458,1460],{"class":1052,"line":1450},33,[1050,1452,1178],{"class":1147},[1050,1454,1151],{"class":1063},[1050,1456,1457],{"class":1169}," 
250",[1050,1459,1290],{"class":1198},[1050,1461,1158],{"class":1063},[1050,1463,1465,1467,1469,1471,1473],{"class":1052,"line":1464},34,[1050,1466,1190],{"class":1147},[1050,1468,1151],{"class":1063},[1050,1470,1302],{"class":1169},[1050,1472,1290],{"class":1198},[1050,1474,1158],{"class":1063},[1050,1476,1478,1480,1482,1484,1486],{"class":1052,"line":1477},35,[1050,1479,1207],{"class":1147},[1050,1481,1151],{"class":1063},[1050,1483,1195],{"class":1169},[1050,1485,1290],{"class":1198},[1050,1487,1158],{"class":1063},[1050,1489,1491,1493,1495,1498,1500],{"class":1052,"line":1490},36,[1050,1492,1234],{"class":1147},[1050,1494,1151],{"class":1063},[1050,1496,1497],{"class":1169}," 0.01",[1050,1499,1241],{"class":1063},[1050,1501,1502],{"class":1056}," /* Nearly invisible but still functional */\n",[1050,1504,1506,1508,1510,1513],{"class":1052,"line":1505},37,[1050,1507,1221],{"class":1147},[1050,1509,1151],{"class":1063},[1050,1511,1512],{"class":1169}," 999",[1050,1514,1158],{"class":1063},[1050,1516,1518],{"class":1052,"line":1517},38,[1050,1519,1250],{"class":1063},[1050,1521,1523,1526,1528],{"class":1052,"line":1522},39,[1050,1524,1525],{"class":1063},"    \u003C/",[1050,1527,1126],{"class":1067},[1050,1529,1075],{"class":1063},[1050,1531,1533,1535,1537],{"class":1052,"line":1532},40,[1050,1534,1114],{"class":1063},[1050,1536,1093],{"class":1067},[1050,1538,1075],{"class":1063},[1050,1540,1542,1544,1547],{"class":1052,"line":1541},41,[1050,1543,1081],{"class":1063},[1050,1545,1546],{"class":1067},"body",[1050,1548,1075],{"class":1063},[1050,1550,1552,1554,1556,1558,1561,1563,1565],{"class":1052,"line":1551},42,[1050,1553,1101],{"class":1063},[1050,1555,1022],{"class":1067},[1050,1557,1107],{"class":1063},[1050,1559,1560],{"class":1110},"Congratulations! 
You've won a free iPhone!",[1050,1562,1114],{"class":1063},[1050,1564,1022],{"class":1067},[1050,1566,1075],{"class":1063},[1050,1568,1570,1572,1574,1576,1579,1581,1583],{"class":1052,"line":1569},43,[1050,1571,1101],{"class":1063},[1050,1573,1026],{"class":1067},[1050,1575,1107],{"class":1063},[1050,1577,1578],{"class":1110},"Click the button below to claim your prize:",[1050,1580,1114],{"class":1063},[1050,1582,1026],{"class":1067},[1050,1584,1075],{"class":1063},[1050,1586,1588],{"class":1052,"line":1587},44,[1050,1589,1590],{"class":1110},"    \n",[1050,1592,1594],{"class":1052,"line":1593},45,[1050,1595,1596],{"class":1056},"    \u003C!-- Fake button that user sees -->\n",[1050,1598,1600,1602,1605,1608,1611,1615,1618,1620,1622,1625,1627,1629],{"class":1052,"line":1599},46,[1050,1601,1101],{"class":1063},[1050,1603,1604],{"class":1067},"div",[1050,1606,1607],{"class":1071}," class",[1050,1609,1610],{"class":1063},"=",[1050,1612,1614],{"class":1613},"sbYkP","\"",[1050,1616,1264],{"class":1617},"sTbE_",[1050,1619,1614],{"class":1613},[1050,1621,1107],{"class":1063},[1050,1623,1624],{"class":1110},"Claim Prize!",[1050,1626,1114],{"class":1063},[1050,1628,1604],{"class":1067},[1050,1630,1075],{"class":1063},[1050,1632,1634],{"class":1052,"line":1633},47,[1050,1635,1590],{"class":1110},[1050,1637,1639],{"class":1052,"line":1638},48,[1050,1640,1641],{"class":1056},"    \u003C!-- Hidden iframe containing the real application -->\n",[1050,1643,1645,1647,1650,1653,1655,1657,1660,1662],{"class":1052,"line":1644},49,[1050,1646,1101],{"class":1063},[1050,1648,1649],{"class":1067},"iframe",[1050,1651,1652],{"class":1071}," src",[1050,1654,1610],{"class":1063},[1050,1656,1614],{"class":1613},[1050,1658,1659],{"class":1617},"https://yourapp.com/delete-account/",[1050,1661,1614],{"class":1613},[1050,1663,1665],{"class":1664},"sHnae"," \n",[1050,1667,1669,1672,1674,1676,1678,1680],{"class":1052,"line":1668},50,[1050,1670,1671],{"class":1071},"            
class",[1050,1673,1610],{"class":1063},[1050,1675,1614],{"class":1613},[1050,1677,1417],{"class":1617},[1050,1679,1614],{"class":1613},[1050,1681,1075],{"class":1063},[1050,1683,1685,1687,1689],{"class":1052,"line":1684},51,[1050,1686,1525],{"class":1063},[1050,1688,1649],{"class":1067},[1050,1690,1075],{"class":1063},[1050,1692,1694],{"class":1052,"line":1693},52,[1050,1695,1590],{"class":1110},[1050,1697,1699],{"class":1052,"line":1698},53,[1050,1700,1701],{"class":1056},"    \u003C!-- User thinks they're clicking \"Claim Prize\" but actually clicking \"Delete Account\" -->\n",[1050,1703,1705,1707,1709],{"class":1052,"line":1704},54,[1050,1706,1114],{"class":1063},[1050,1708,1546],{"class":1067},[1050,1710,1075],{"class":1063},[1050,1712,1714,1716,1718],{"class":1052,"line":1713},55,[1050,1715,1114],{"class":1063},[1050,1717,1044],{"class":1067},[1050,1719,1075],{"class":1063},[1035,1721,1723],{"id":1722},"clickjacking-attack-scenarios","Clickjacking Attack Scenarios",[1040,1725,1729],{"className":1726,"code":1727,"language":1728,"meta":1045,"style":1045},"language-python shiki shiki-themes material-theme-lighter vitesse-light vitesse-dark","# Common clickjacking targets in web applications:\n\n# 1. Account deletion\n# Attacker embeds: https://yourapp.com/delete-account/\n# User thinks they're clicking: \"Download Free Software\"\n# Actually clicking: \"Confirm Account Deletion\"\n\n# 2. Money transfer\n# Attacker embeds: https://bank.com/transfer/\n# User thinks they're clicking: \"Play Game\"\n# Actually clicking: \"Transfer $1000\"\n\n# 3. Social media actions\n# Attacker embeds: https://social.com/share/\n# User thinks they're clicking: \"See Funny Video\"\n# Actually clicking: \"Share Malicious Content\"\n\n# 4. Admin actions\n# Attacker embeds: https://yourapp.com/admin/users/delete/\n# User thinks they're clicking: \"View Report\"\n# Actually clicking: \"Delete User Account\"\n\n# 5. 
OAuth authorization\n# Attacker embeds: https://oauth.provider.com/authorize/\n# User thinks they're clicking: \"Continue Reading\"\n# Actually clicking: \"Grant App Permissions\"\n","python",[1047,1730,1731,1736,1742,1747,1752,1757,1762,1766,1771,1776,1781,1786,1790,1795,1800,1805,1810,1814,1819,1824,1829,1834,1838,1843,1848,1853],{"__ignoreMap":1045},[1050,1732,1733],{"class":1052,"line":1053},[1050,1734,1735],{"class":1056},"# Common clickjacking targets in web applications:\n",[1050,1737,1738],{"class":1052,"line":1060},[1050,1739,1741],{"emptyLinePlaceholder":1740},true,"\n",[1050,1743,1744],{"class":1052,"line":1078},[1050,1745,1746],{"class":1056},"# 1. Account deletion\n",[1050,1748,1749],{"class":1052,"line":1088},[1050,1750,1751],{"class":1056},"# Attacker embeds: https://yourapp.com/delete-account/\n",[1050,1753,1754],{"class":1052,"line":1098},[1050,1755,1756],{"class":1056},"# User thinks they're clicking: \"Download Free Software\"\n",[1050,1758,1759],{"class":1052,"line":1121},[1050,1760,1761],{"class":1056},"# Actually clicking: \"Confirm Account Deletion\"\n",[1050,1763,1764],{"class":1052,"line":1131},[1050,1765,1741],{"emptyLinePlaceholder":1740},[1050,1767,1768],{"class":1052,"line":1144},[1050,1769,1770],{"class":1056},"# 2. Money transfer\n",[1050,1772,1773],{"class":1052,"line":1161},[1050,1774,1775],{"class":1056},"# Attacker embeds: https://bank.com/transfer/\n",[1050,1777,1778],{"class":1052,"line":1175},[1050,1779,1780],{"class":1056},"# User thinks they're clicking: \"Play Game\"\n",[1050,1782,1783],{"class":1052,"line":1187},[1050,1784,1785],{"class":1056},"# Actually clicking: \"Transfer $1000\"\n",[1050,1787,1788],{"class":1052,"line":1204},[1050,1789,1741],{"emptyLinePlaceholder":1740},[1050,1791,1792],{"class":1052,"line":1218},[1050,1793,1794],{"class":1056},"# 3. 
Social media actions\n",[1050,1796,1797],{"class":1052,"line":1231},[1050,1798,1799],{"class":1056},"# Attacker embeds: https://social.com/share/\n",[1050,1801,1802],{"class":1052,"line":1247},[1050,1803,1804],{"class":1056},"# User thinks they're clicking: \"See Funny Video\"\n",[1050,1806,1807],{"class":1052,"line":1253},[1050,1808,1809],{"class":1056},"# Actually clicking: \"Share Malicious Content\"\n",[1050,1811,1812],{"class":1052,"line":1259},[1050,1813,1741],{"emptyLinePlaceholder":1740},[1050,1815,1816],{"class":1052,"line":1269},[1050,1817,1818],{"class":1056},"# 4. Admin actions\n",[1050,1820,1821],{"class":1052,"line":1280},[1050,1822,1823],{"class":1056},"# Attacker embeds: https://yourapp.com/admin/users/delete/\n",[1050,1825,1826],{"class":1052,"line":1295},[1050,1827,1828],{"class":1056},"# User thinks they're clicking: \"View Report\"\n",[1050,1830,1831],{"class":1052,"line":1309},[1050,1832,1833],{"class":1056},"# Actually clicking: \"Delete User Account\"\n",[1050,1835,1836],{"class":1052,"line":1322},[1050,1837,1741],{"emptyLinePlaceholder":1740},[1050,1839,1840],{"class":1052,"line":1336},[1050,1841,1842],{"class":1056},"# 5. 
OAuth authorization\n",[1050,1844,1845],{"class":1052,"line":1349},[1050,1846,1847],{"class":1056},"# Attacker embeds: https://oauth.provider.com/authorize/\n",[1050,1849,1850],{"class":1052,"line":1362},[1050,1851,1852],{"class":1056},"# User thinks they're clicking: \"Continue Reading\"\n",[1050,1854,1855],{"class":1052,"line":1375},[1050,1856,1857],{"class":1056},"# Actually clicking: \"Grant App Permissions\"\n",[1030,1859,1861],{"id":1860},"djangos-clickjacking-protection","Django's Clickjacking Protection",[1035,1863,1865],{"id":1864},"x-frame-options-middleware","X-Frame-Options Middleware",[1026,1867,1868],{},"Django includes built-in clickjacking protection:",[1040,1870,1872],{"className":1726,"code":1871,"language":1728,"meta":1045,"style":1045},"# settings.py - Enable clickjacking protection (enabled by default)\nMIDDLEWARE = [\n    'django.middleware.clickjacking.XFrameOptionsMiddleware',\n    # ... other middleware\n]\n\n# X-Frame-Options settings\nX_FRAME_OPTIONS = 'DENY'  # Default - prevents all framing\n\n# Alternative options:\n# X_FRAME_OPTIONS = 'SAMEORIGIN'  # Allow framing from same origin\n# X_FRAME_OPTIONS = 'ALLOW-FROM https://trusted-site.com'  # Allow specific origin (obsolete: modern browsers ignore the whole header, leaving the page frameable; use CSP frame-ancestors instead)\n",[1047,1873,1874,1879,1890,1904,1909,1914,1918,1923,1941,1945,1950,1955],{"__ignoreMap":1045},[1050,1875,1876],{"class":1052,"line":1053},[1050,1877,1878],{"class":1056},"# settings.py - Enable clickjacking protection (enabled by default)\n",[1050,1880,1881,1884,1887],{"class":1052,"line":1060},[1050,1882,1883],{"class":1154},"MIDDLEWARE",[1050,1885,1886],{"class":1063}," =",[1050,1888,1889],{"class":1063}," [\n",[1050,1891,1892,1895,1898,1901],{"class":1052,"line":1078},[1050,1893,1894],{"class":1613},"    '",[1050,1896,1897],{"class":1617},"django.middleware.clickjacking.XFrameOptionsMiddleware",[1050,1899,1900],{"class":1613},"'",[1050,1902,1903],{"class":1063},",\n",[1050,1905,1906],{"class":1052,"line":1088},[1050,1907,1908],{"class":1056},"    # ... 
other middleware\n",[1050,1910,1911],{"class":1052,"line":1098},[1050,1912,1913],{"class":1063},"]\n",[1050,1915,1916],{"class":1052,"line":1121},[1050,1917,1741],{"emptyLinePlaceholder":1740},[1050,1919,1920],{"class":1052,"line":1131},[1050,1921,1922],{"class":1056},"# X-Frame-Options settings\n",[1050,1924,1925,1928,1930,1933,1936,1938],{"class":1052,"line":1144},[1050,1926,1927],{"class":1154},"X_FRAME_OPTIONS",[1050,1929,1886],{"class":1063},[1050,1931,1932],{"class":1613}," '",[1050,1934,1935],{"class":1617},"DENY",[1050,1937,1900],{"class":1613},[1050,1939,1940],{"class":1056},"  # Default - prevents all framing\n",[1050,1942,1943],{"class":1052,"line":1161},[1050,1944,1741],{"emptyLinePlaceholder":1740},[1050,1946,1947],{"class":1052,"line":1175},[1050,1948,1949],{"class":1056},"# Alternative options:\n",[1050,1951,1952],{"class":1052,"line":1187},[1050,1953,1954],{"class":1056},"# X_FRAME_OPTIONS = 'SAMEORIGIN'  # Allow framing from same origin\n",[1050,1956,1957],{"class":1052,"line":1204},[1050,1958,1959],{"class":1056},"# X_FRAME_OPTIONS = 'ALLOW-FROM https://trusted-site.com'  # Allow specific origin (obsolete: modern browsers ignore the whole header, leaving the page frameable; use CSP frame-ancestors instead)\n",[1035,1961,1963],{"id":1962},"how-x-frame-options-works","How X-Frame-Options Works",[1040,1965,1967],{"className":1726,"code":1966,"language":1728,"meta":1045,"style":1045},"# What Django's XFrameOptionsMiddleware does:\n\nclass XFrameOptionsMiddleware:\n    \"\"\"Simplified version of Django's middleware\"\"\"\n    \n    def __init__(self, get_response):\n        self.get_response = get_response\n    \n    def __call__(self, request):\n        response = self.get_response(request)\n        \n        # Add X-Frame-Options header if not already present\n        if not response.get('X-Frame-Options'):\n            response['X-Frame-Options'] = settings.X_FRAME_OPTIONS\n        \n        return response\n\n# HTTP Response Headers:\n# X-Frame-Options: DENY\n# - Prevents the page from being displayed in any frame/iframe\n# \n# X-Frame-Options: 
SAMEORIGIN  \n# - Allows framing only from the same origin\n#\n# X-Frame-Options: ALLOW-FROM https://example.com\n# - Allows framing only from specified origin (deprecated)\n",[1047,1968,1969,1974,1978,1991,2004,2008,2034,2051,2055,2073,2096,2100,2105,2134,2162,2166,2174,2178,2183,2188,2193,2198,2203,2208,2213,2218],{"__ignoreMap":1045},[1050,1970,1971],{"class":1052,"line":1053},[1050,1972,1973],{"class":1056},"# What Django's XFrameOptionsMiddleware does:\n",[1050,1975,1976],{"class":1052,"line":1060},[1050,1977,1741],{"emptyLinePlaceholder":1740},[1050,1979,1980,1984,1988],{"class":1052,"line":1078},[1050,1981,1983],{"class":1982},"s5Kfy","class",[1050,1985,1987],{"class":1986},"sD-vU"," XFrameOptionsMiddleware",[1050,1989,1990],{"class":1063},":\n",[1050,1992,1993,1997,2001],{"class":1052,"line":1088},[1050,1994,1996],{"class":1995},"sm7ve","    \"\"\"",[1050,1998,2000],{"class":1999},"sVyVU","Simplified version of Django's middleware",[1050,2002,2003],{"class":1995},"\"\"\"\n",[1050,2005,2006],{"class":1052,"line":1098},[1050,2007,1590],{"class":1110},[1050,2009,2010,2013,2017,2020,2024,2027,2031],{"class":1052,"line":1121},[1050,2011,2012],{"class":1982},"    def",[1050,2014,2016],{"class":2015},"sJdAF"," __init__",[1050,2018,2019],{"class":1063},"(",[1050,2021,2023],{"class":2022},"sRjD_","self",[1050,2025,2026],{"class":1063},",",[1050,2028,2030],{"class":2029},"sCyAa"," get_response",[1050,2032,2033],{"class":1063},"):\n",[1050,2035,2036,2039,2042,2046,2048],{"class":1052,"line":1131},[1050,2037,2038],{"class":1154},"        self",[1050,2040,2041],{"class":1063},".",[1050,2043,2045],{"class":2044},"sBPpx","get_response",[1050,2047,1886],{"class":1063},[1050,2049,2050],{"class":1110}," get_response\n",[1050,2052,2053],{"class":1052,"line":1144},[1050,2054,1590],{"class":1110},[1050,2056,2057,2059,2062,2064,2066,2068,2071],{"class":1052,"line":1161},[1050,2058,2012],{"class":1982},[1050,2060,2061],{"class":2015}," 
__call__",[1050,2063,2019],{"class":1063},[1050,2065,2023],{"class":2022},[1050,2067,2026],{"class":1063},[1050,2069,2070],{"class":2029}," request",[1050,2072,2033],{"class":1063},[1050,2074,2075,2078,2080,2083,2085,2088,2090,2093],{"class":1052,"line":1175},[1050,2076,2077],{"class":1110},"        response ",[1050,2079,1610],{"class":1063},[1050,2081,2082],{"class":1154}," self",[1050,2084,2041],{"class":1063},[1050,2086,2045],{"class":2087},"siWMO",[1050,2089,2019],{"class":1063},[1050,2091,2092],{"class":2087},"request",[1050,2094,2095],{"class":1063},")\n",[1050,2097,2098],{"class":1052,"line":1187},[1050,2099,1256],{"class":1110},[1050,2101,2102],{"class":1052,"line":1204},[1050,2103,2104],{"class":1056},"        # Add X-Frame-Options header if not already present\n",[1050,2106,2107,2111,2115,2118,2120,2123,2125,2127,2130,2132],{"class":1052,"line":1218},[1050,2108,2110],{"class":2109},"siDh9","        if",[1050,2112,2114],{"class":2113},"sVsLi"," not",[1050,2116,2117],{"class":1110}," response",[1050,2119,2041],{"class":1063},[1050,2121,2122],{"class":2087},"get",[1050,2124,2019],{"class":1063},[1050,2126,1900],{"class":1613},[1050,2128,2129],{"class":1617},"X-Frame-Options",[1050,2131,1900],{"class":1613},[1050,2133,2033],{"class":1063},[1050,2135,2136,2139,2142,2144,2146,2148,2151,2153,2156,2158],{"class":1052,"line":1231},[1050,2137,2138],{"class":1110},"            response",[1050,2140,2141],{"class":1063},"[",[1050,2143,1900],{"class":1613},[1050,2145,2129],{"class":1617},[1050,2147,1900],{"class":1613},[1050,2149,2150],{"class":1063},"]",[1050,2152,1886],{"class":1063},[1050,2154,2155],{"class":1110}," settings",[1050,2157,2041],{"class":1063},[1050,2159,2161],{"class":2160},"sFGJz","X_FRAME_OPTIONS\n",[1050,2163,2164],{"class":1052,"line":1247},[1050,2165,1256],{"class":1110},[1050,2167,2168,2171],{"class":1052,"line":1253},[1050,2169,2170],{"class":2109},"        return",[1050,2172,2173],{"class":1110}," 
response\n",[1050,2175,2176],{"class":1052,"line":1259},[1050,2177,1741],{"emptyLinePlaceholder":1740},[1050,2179,2180],{"class":1052,"line":1269},[1050,2181,2182],{"class":1056},"# HTTP Response Headers:\n",[1050,2184,2185],{"class":1052,"line":1280},[1050,2186,2187],{"class":1056},"# X-Frame-Options: DENY\n",[1050,2189,2190],{"class":1052,"line":1295},[1050,2191,2192],{"class":1056},"# - Prevents the page from being displayed in any frame/iframe\n",[1050,2194,2195],{"class":1052,"line":1309},[1050,2196,2197],{"class":1056},"# \n",[1050,2199,2200],{"class":1052,"line":1322},[1050,2201,2202],{"class":1056},"# X-Frame-Options: SAMEORIGIN  \n",[1050,2204,2205],{"class":1052,"line":1336},[1050,2206,2207],{"class":1056},"# - Allows framing only from the same origin\n",[1050,2209,2210],{"class":1052,"line":1349},[1050,2211,2212],{"class":1056},"#\n",[1050,2214,2215],{"class":1052,"line":1362},[1050,2216,2217],{"class":1056},"# X-Frame-Options: ALLOW-FROM https://example.com\n",[1050,2219,2220],{"class":1052,"line":1375},[1050,2221,2222],{"class":1056},"# - Allows framing only from specified origin (deprecated)\n",[1035,2224,2226],{"id":2225},"per-view-frame-options","Per-View Frame Options",[1040,2228,2230],{"className":1726,"code":2229,"language":1728,"meta":1045,"style":1045},"# views.py - Customize frame options per view\nfrom django.views.decorators.clickjacking import (\n    xframe_options_deny,\n    xframe_options_sameorigin,\n    xframe_options_exempt\n)\n\n@xframe_options_deny\ndef sensitive_action_view(request):\n    \"\"\"View that should never be framed\"\"\"\n    if request.method == 'POST':\n        # Perform sensitive action (e.g., delete account)\n        request.user.delete()\n        return redirect('goodbye')\n    \n    return render(request, 'confirm_delete.html')\n\n@xframe_options_sameorigin\ndef embeddable_widget_view(request):\n    \"\"\"View that can be embedded in same-origin iframes\"\"\"\n    widget_data = get_widget_data(request.user)\n    
return render(request, 'widget.html', {'data': widget_data})\n\n@xframe_options_exempt\ndef public_embed_view(request):\n    \"\"\"View that can be embedded anywhere (use carefully!)\"\"\"\n    # This view allows framing from any origin\n    # Only use for truly public, non-sensitive content\n    public_data = get_public_data()\n    return render(request, 'public_embed.html', {'data': public_data})\n\n# Class-based views\nfrom django.utils.decorators import method_decorator\n\n@method_decorator(xframe_options_deny, name='dispatch')\nclass SensitiveFormView(FormView):\n    \"\"\"Form view with clickjacking protection\"\"\"\n    template_name = 'sensitive_form.html'\n    form_class = SensitiveActionForm\n    \n    def form_valid(self, form):\n        # Perform sensitive action\n        form.execute_action(self.request.user)\n        return super().form_valid(form)\n\n@method_decorator(xframe_options_sameorigin, name='dispatch')\nclass DashboardWidgetView(TemplateView):\n    \"\"\"Dashboard widget that can be embedded in same origin\"\"\"\n    template_name = 'dashboard_widget.html'\n    \n    def get_context_data(self, **kwargs):\n        context = super().get_context_data(**kwargs)\n        context['widget_data'] = self.get_widget_data()\n        return context\n",[1047,2231,2232,2237,2266,2273,2280,2285,2289,2293,2302,2316,2325,2349,2354,2372,2390,2394,2417,2421,2428,2441,2450,2470,2509,2513,2520,2533,2542,2547,2552,2564,2600,2604,2609,2630,2634,2663,2678,2687,2702,2712,2716,2734,2739,2763,2784,2788,2813,2827,2836,2849,2853,2874,2897,2924],{"__ignoreMap":1045},[1050,2233,2234],{"class":1052,"line":1053},[1050,2235,2236],{"class":1056},"# views.py - Customize frame options per view\n",[1050,2238,2239,2242,2245,2247,2250,2252,2255,2257,2260,2263],{"class":1052,"line":1060},[1050,2240,2241],{"class":2109},"from",[1050,2243,2244],{"class":1110}," 
django",[1050,2246,2041],{"class":1063},[1050,2248,2249],{"class":1110},"views",[1050,2251,2041],{"class":1063},[1050,2253,2254],{"class":1110},"decorators",[1050,2256,2041],{"class":1063},[1050,2258,2259],{"class":1110},"clickjacking ",[1050,2261,2262],{"class":2109},"import",[1050,2264,2265],{"class":1063}," (\n",[1050,2267,2268,2271],{"class":1052,"line":1078},[1050,2269,2270],{"class":1110},"    xframe_options_deny",[1050,2272,1903],{"class":1063},[1050,2274,2275,2278],{"class":1052,"line":1088},[1050,2276,2277],{"class":1110},"    xframe_options_sameorigin",[1050,2279,1903],{"class":1063},[1050,2281,2282],{"class":1052,"line":1098},[1050,2283,2284],{"class":1110},"    xframe_options_exempt\n",[1050,2286,2287],{"class":1052,"line":1121},[1050,2288,2095],{"class":1063},[1050,2290,2291],{"class":1052,"line":1131},[1050,2292,1741],{"emptyLinePlaceholder":1740},[1050,2294,2295,2298],{"class":1052,"line":1144},[1050,2296,2297],{"class":1063},"@",[1050,2299,2301],{"class":2300},"sljsM","xframe_options_deny\n",[1050,2303,2304,2307,2310,2312,2314],{"class":1052,"line":1161},[1050,2305,2306],{"class":1982},"def",[1050,2308,2309],{"class":2300}," sensitive_action_view",[1050,2311,2019],{"class":1063},[1050,2313,2092],{"class":2029},[1050,2315,2033],{"class":1063},[1050,2317,2318,2320,2323],{"class":1052,"line":1175},[1050,2319,1996],{"class":1995},[1050,2321,2322],{"class":1999},"View that should never be framed",[1050,2324,2003],{"class":1995},[1050,2326,2327,2330,2332,2334,2337,2340,2342,2345,2347],{"class":1052,"line":1187},[1050,2328,2329],{"class":2109},"    if",[1050,2331,2070],{"class":1110},[1050,2333,2041],{"class":1063},[1050,2335,2336],{"class":2044},"method",[1050,2338,2339],{"class":2113}," ==",[1050,2341,1932],{"class":1613},[1050,2343,2344],{"class":1617},"POST",[1050,2346,1900],{"class":1613},[1050,2348,1990],{"class":1063},[1050,2350,2351],{"class":1052,"line":1204},[1050,2352,2353],{"class":1056},"        # Perform sensitive action (e.g., delete 
account)\n",[1050,2355,2356,2359,2361,2364,2366,2369],{"class":1052,"line":1218},[1050,2357,2358],{"class":1110},"        request",[1050,2360,2041],{"class":1063},[1050,2362,2363],{"class":2044},"user",[1050,2365,2041],{"class":1063},[1050,2367,2368],{"class":2087},"delete",[1050,2370,2371],{"class":1063},"()\n",[1050,2373,2374,2376,2379,2381,2383,2386,2388],{"class":1052,"line":1231},[1050,2375,2170],{"class":2109},[1050,2377,2378],{"class":2087}," redirect",[1050,2380,2019],{"class":1063},[1050,2382,1900],{"class":1613},[1050,2384,2385],{"class":1617},"goodbye",[1050,2387,1900],{"class":1613},[1050,2389,2095],{"class":1063},[1050,2391,2392],{"class":1052,"line":1247},[1050,2393,1590],{"class":1110},[1050,2395,2396,2399,2402,2404,2406,2408,2410,2413,2415],{"class":1052,"line":1253},[1050,2397,2398],{"class":2109},"    return",[1050,2400,2401],{"class":2087}," render",[1050,2403,2019],{"class":1063},[1050,2405,2092],{"class":2087},[1050,2407,2026],{"class":1063},[1050,2409,1932],{"class":1613},[1050,2411,2412],{"class":1617},"confirm_delete.html",[1050,2414,1900],{"class":1613},[1050,2416,2095],{"class":1063},[1050,2418,2419],{"class":1052,"line":1259},[1050,2420,1741],{"emptyLinePlaceholder":1740},[1050,2422,2423,2425],{"class":1052,"line":1269},[1050,2424,2297],{"class":1063},[1050,2426,2427],{"class":2300},"xframe_options_sameorigin\n",[1050,2429,2430,2432,2435,2437,2439],{"class":1052,"line":1280},[1050,2431,2306],{"class":1982},[1050,2433,2434],{"class":2300}," embeddable_widget_view",[1050,2436,2019],{"class":1063},[1050,2438,2092],{"class":2029},[1050,2440,2033],{"class":1063},[1050,2442,2443,2445,2448],{"class":1052,"line":1295},[1050,2444,1996],{"class":1995},[1050,2446,2447],{"class":1999},"View that can be embedded in same-origin iframes",[1050,2449,2003],{"class":1995},[1050,2451,2452,2455,2457,2460,2462,2464,2466,2468],{"class":1052,"line":1309},[1050,2453,2454],{"class":1110},"    widget_data 
",[1050,2456,1610],{"class":1063},[1050,2458,2459],{"class":2087}," get_widget_data",[1050,2461,2019],{"class":1063},[1050,2463,2092],{"class":2087},[1050,2465,2041],{"class":1063},[1050,2467,2363],{"class":2044},[1050,2469,2095],{"class":1063},[1050,2471,2472,2474,2476,2478,2480,2482,2484,2487,2489,2491,2494,2496,2499,2501,2503,2506],{"class":1052,"line":1322},[1050,2473,2398],{"class":2109},[1050,2475,2401],{"class":2087},[1050,2477,2019],{"class":1063},[1050,2479,2092],{"class":2087},[1050,2481,2026],{"class":1063},[1050,2483,1932],{"class":1613},[1050,2485,2486],{"class":1617},"widget.html",[1050,2488,1900],{"class":1613},[1050,2490,2026],{"class":1063},[1050,2492,2493],{"class":1063}," {",[1050,2495,1900],{"class":1613},[1050,2497,2498],{"class":1617},"data",[1050,2500,1900],{"class":1613},[1050,2502,1151],{"class":1063},[1050,2504,2505],{"class":2087}," widget_data",[1050,2507,2508],{"class":1063},"})\n",[1050,2510,2511],{"class":1052,"line":1336},[1050,2512,1741],{"emptyLinePlaceholder":1740},[1050,2514,2515,2517],{"class":1052,"line":1349},[1050,2516,2297],{"class":1063},[1050,2518,2519],{"class":2300},"xframe_options_exempt\n",[1050,2521,2522,2524,2527,2529,2531],{"class":1052,"line":1362},[1050,2523,2306],{"class":1982},[1050,2525,2526],{"class":2300}," public_embed_view",[1050,2528,2019],{"class":1063},[1050,2530,2092],{"class":2029},[1050,2532,2033],{"class":1063},[1050,2534,2535,2537,2540],{"class":1052,"line":1375},[1050,2536,1996],{"class":1995},[1050,2538,2539],{"class":1999},"View that can be embedded anywhere (use carefully!)",[1050,2541,2003],{"class":1995},[1050,2543,2544],{"class":1052,"line":1389},[1050,2545,2546],{"class":1056},"    # This view allows framing from any origin\n",[1050,2548,2549],{"class":1052,"line":1402},[1050,2550,2551],{"class":1056},"    # Only use for truly public, non-sensitive content\n",[1050,2553,2554,2557,2559,2562],{"class":1052,"line":1407},[1050,2555,2556],{"class":1110},"    public_data 
",[1050,2558,1610],{"class":1063},[1050,2560,2561],{"class":2087}," get_public_data",[1050,2563,2371],{"class":1063},[1050,2565,2566,2568,2570,2572,2574,2576,2578,2581,2583,2585,2587,2589,2591,2593,2595,2598],{"class":1052,"line":1412},[1050,2567,2398],{"class":2109},[1050,2569,2401],{"class":2087},[1050,2571,2019],{"class":1063},[1050,2573,2092],{"class":2087},[1050,2575,2026],{"class":1063},[1050,2577,1932],{"class":1613},[1050,2579,2580],{"class":1617},"public_embed.html",[1050,2582,1900],{"class":1613},[1050,2584,2026],{"class":1063},[1050,2586,2493],{"class":1063},[1050,2588,1900],{"class":1613},[1050,2590,2498],{"class":1617},[1050,2592,1900],{"class":1613},[1050,2594,1151],{"class":1063},[1050,2596,2597],{"class":2087}," public_data",[1050,2599,2508],{"class":1063},[1050,2601,2602],{"class":1052,"line":1422},[1050,2603,1741],{"emptyLinePlaceholder":1740},[1050,2605,2606],{"class":1052,"line":1433},[1050,2607,2608],{"class":1056},"# Class-based views\n",[1050,2610,2611,2613,2615,2617,2620,2622,2625,2627],{"class":1052,"line":1450},[1050,2612,2241],{"class":2109},[1050,2614,2244],{"class":1110},[1050,2616,2041],{"class":1063},[1050,2618,2619],{"class":1110},"utils",[1050,2621,2041],{"class":1063},[1050,2623,2624],{"class":1110},"decorators ",[1050,2626,2262],{"class":2109},[1050,2628,2629],{"class":1110}," method_decorator\n",[1050,2631,2632],{"class":1052,"line":1464},[1050,2633,1741],{"emptyLinePlaceholder":1740},[1050,2635,2636,2638,2641,2643,2646,2648,2652,2654,2656,2659,2661],{"class":1052,"line":1477},[1050,2637,2297],{"class":1063},[1050,2639,2640],{"class":2300},"method_decorator",[1050,2642,2019],{"class":1063},[1050,2644,2645],{"class":2087},"xframe_options_deny",[1050,2647,2026],{"class":1063},[1050,2649,2651],{"class":2650},"sqOPj"," 
name",[1050,2653,1610],{"class":1063},[1050,2655,1900],{"class":1613},[1050,2657,2658],{"class":1617},"dispatch",[1050,2660,1900],{"class":1613},[1050,2662,2095],{"class":1063},[1050,2664,2665,2667,2670,2672,2676],{"class":1052,"line":1490},[1050,2666,1983],{"class":1982},[1050,2668,2669],{"class":1986}," SensitiveFormView",[1050,2671,2019],{"class":1063},[1050,2673,2675],{"class":2674},"sYn-s","FormView",[1050,2677,2033],{"class":1063},[1050,2679,2680,2682,2685],{"class":1052,"line":1505},[1050,2681,1996],{"class":1995},[1050,2683,2684],{"class":1999},"Form view with clickjacking protection",[1050,2686,2003],{"class":1995},[1050,2688,2689,2692,2694,2696,2699],{"class":1052,"line":1517},[1050,2690,2691],{"class":1110},"    template_name ",[1050,2693,1610],{"class":1063},[1050,2695,1932],{"class":1613},[1050,2697,2698],{"class":1617},"sensitive_form.html",[1050,2700,2701],{"class":1613},"'\n",[1050,2703,2704,2707,2709],{"class":1052,"line":1522},[1050,2705,2706],{"class":1110},"    form_class ",[1050,2708,1610],{"class":1063},[1050,2710,2711],{"class":1110}," SensitiveActionForm\n",[1050,2713,2714],{"class":1052,"line":1532},[1050,2715,1590],{"class":1110},[1050,2717,2718,2720,2723,2725,2727,2729,2732],{"class":1052,"line":1541},[1050,2719,2012],{"class":1982},[1050,2721,2722],{"class":2300}," form_valid",[1050,2724,2019],{"class":1063},[1050,2726,2023],{"class":2022},[1050,2728,2026],{"class":1063},[1050,2730,2731],{"class":2029}," form",[1050,2733,2033],{"class":1063},[1050,2735,2736],{"class":1052,"line":1551},[1050,2737,2738],{"class":1056},"        # Perform sensitive action\n",[1050,2740,2741,2744,2746,2749,2751,2753,2755,2757,2759,2761],{"class":1052,"line":1569},[1050,2742,2743],{"class":1110},"        
form",[1050,2745,2041],{"class":1063},[1050,2747,2748],{"class":2087},"execute_action",[1050,2750,2019],{"class":1063},[1050,2752,2023],{"class":1154},[1050,2754,2041],{"class":1063},[1050,2756,2092],{"class":2044},[1050,2758,2041],{"class":1063},[1050,2760,2363],{"class":2044},[1050,2762,2095],{"class":1063},[1050,2764,2765,2767,2771,2774,2777,2779,2782],{"class":1052,"line":1587},[1050,2766,2170],{"class":2109},[1050,2768,2770],{"class":2769},"sa2tF"," super",[1050,2772,2773],{"class":1063},"().",[1050,2775,2776],{"class":2087},"form_valid",[1050,2778,2019],{"class":1063},[1050,2780,2781],{"class":2087},"form",[1050,2783,2095],{"class":1063},[1050,2785,2786],{"class":1052,"line":1593},[1050,2787,1741],{"emptyLinePlaceholder":1740},[1050,2789,2790,2792,2794,2796,2799,2801,2803,2805,2807,2809,2811],{"class":1052,"line":1599},[1050,2791,2297],{"class":1063},[1050,2793,2640],{"class":2300},[1050,2795,2019],{"class":1063},[1050,2797,2798],{"class":2087},"xframe_options_sameorigin",[1050,2800,2026],{"class":1063},[1050,2802,2651],{"class":2650},[1050,2804,1610],{"class":1063},[1050,2806,1900],{"class":1613},[1050,2808,2658],{"class":1617},[1050,2810,1900],{"class":1613},[1050,2812,2095],{"class":1063},[1050,2814,2815,2817,2820,2822,2825],{"class":1052,"line":1633},[1050,2816,1983],{"class":1982},[1050,2818,2819],{"class":1986}," DashboardWidgetView",[1050,2821,2019],{"class":1063},[1050,2823,2824],{"class":2674},"TemplateView",[1050,2826,2033],{"class":1063},[1050,2828,2829,2831,2834],{"class":1052,"line":1638},[1050,2830,1996],{"class":1995},[1050,2832,2833],{"class":1999},"Dashboard widget that can be embedded in same 
origin",[1050,2835,2003],{"class":1995},[1050,2837,2838,2840,2842,2844,2847],{"class":1052,"line":1644},[1050,2839,2691],{"class":1110},[1050,2841,1610],{"class":1063},[1050,2843,1932],{"class":1613},[1050,2845,2846],{"class":1617},"dashboard_widget.html",[1050,2848,2701],{"class":1613},[1050,2850,2851],{"class":1052,"line":1668},[1050,2852,1590],{"class":1110},[1050,2854,2855,2857,2860,2862,2864,2866,2869,2872],{"class":1052,"line":1684},[1050,2856,2012],{"class":1982},[1050,2858,2859],{"class":2300}," get_context_data",[1050,2861,2019],{"class":1063},[1050,2863,2023],{"class":2022},[1050,2865,2026],{"class":1063},[1050,2867,2868],{"class":2113}," **",[1050,2870,2871],{"class":2029},"kwargs",[1050,2873,2033],{"class":1063},[1050,2875,2876,2879,2881,2883,2885,2888,2890,2893,2895],{"class":1052,"line":1693},[1050,2877,2878],{"class":1110},"        context ",[1050,2880,1610],{"class":1063},[1050,2882,2770],{"class":2769},[1050,2884,2773],{"class":1063},[1050,2886,2887],{"class":2087},"get_context_data",[1050,2889,2019],{"class":1063},[1050,2891,2892],{"class":2113},"**",[1050,2894,2871],{"class":2087},[1050,2896,2095],{"class":1063},[1050,2898,2899,2902,2904,2906,2909,2911,2913,2915,2917,2919,2922],{"class":1052,"line":1698},[1050,2900,2901],{"class":1110},"        context",[1050,2903,2141],{"class":1063},[1050,2905,1900],{"class":1613},[1050,2907,2908],{"class":1617},"widget_data",[1050,2910,1900],{"class":1613},[1050,2912,2150],{"class":1063},[1050,2914,1886],{"class":1063},[1050,2916,2082],{"class":1154},[1050,2918,2041],{"class":1063},[1050,2920,2921],{"class":2087},"get_widget_data",[1050,2923,2371],{"class":1063},[1050,2925,2926,2928],{"class":1052,"line":1704},[1050,2927,2170],{"class":2109},[1050,2929,2930],{"class":1110}," context\n",[1030,2932,2934],{"id":2933},"content-security-policy-csp-protection","Content Security Policy (CSP) Protection",[1035,2936,2938],{"id":2937},"csp-frame-ancestors","CSP Frame Ancestors",[1026,2940,2941],{},"CSP provides more 
modern and flexible clickjacking protection through its frame-ancestors directive. Browsers that support frame-ancestors enforce it instead of X-Frame-Options when both headers are present, so keep the two consistent:",[1040,2943,2945],{"className":1726,"code":2944,"language":1728,"meta":1045,"style":1045},"# middleware.py - CSP-based clickjacking protection\nclass CSPClickjackingMiddleware:\n    \"\"\"Content Security Policy middleware for clickjacking protection\"\"\"\n    \n    def __init__(self, get_response):\n        self.get_response = get_response\n    \n    def __call__(self, request):\n        response = self.get_response(request)\n        \n        # Build CSP policy\n        csp_policy = self.build_csp_policy(request)\n        response['Content-Security-Policy'] = csp_policy\n        \n        return response\n    \n    def build_csp_policy(self, request):\n        \"\"\"Build CSP policy with frame-ancestors directive\"\"\"\n        \n        # Base policy directives\n        directives = [\n            \"default-src 'self'\",\n            \"script-src 'self' 'unsafe-inline'\",\n            \"style-src 'self' 'unsafe-inline'\",\n            \"img-src 'self' data: https:\",\n        ]\n        \n        # Frame ancestors directive (replaces X-Frame-Options)\n        frame_ancestors = self.get_frame_ancestors_policy(request)\n        directives.append(f\"frame-ancestors {frame_ancestors}\")\n        \n        return '; '.join(directives)\n    \n    def get_frame_ancestors_policy(self, request):\n        \"\"\"Determine frame-ancestors policy based on request\"\"\"\n        \n        # Sensitive pages - no framing allowed\n        sensitive_paths = [\n            '/delete-account/',\n            '/transfer-money/',\n            '/admin/',\n            '/change-password/'\n        ]\n        \n        if any(request.path.startswith(path) for path in sensitive_paths):\n            return \"'none'\"  # Equivalent to X-Frame-Options: DENY\n        \n        # Widget pages - same origin only\n        widget_paths = ['/widget/', '/embed/']\n        if any(request.path.startswith(path) for path in widget_paths):\n            return 
\"'self'\"  # Equivalent to X-Frame-Options: SAMEORIGIN\n        \n        # Public embeddable content\n        public_paths = ['/public-embed/']\n        if any(request.path.startswith(path) for path in public_paths):\n            return \"'self' https://trusted-partner.com\"\n        \n        # Default policy\n        return \"'self'\"\n\n# Alternative: Using django-csp package\n# pip install django-csp\n\n# settings.py\nMIDDLEWARE = [\n    'csp.middleware.CSPMiddleware',\n    # ... other middleware\n]\n\n# CSP settings for clickjacking protection\nCSP_FRAME_ANCESTORS = (\"'none'\",)  # Deny all framing\n# CSP_FRAME_ANCESTORS = (\"'self'\",)  # Same origin only\n# CSP_FRAME_ANCESTORS = (\"'self'\", \"https://trusted-site.com\")  # Specific origins\n",[1047,2946,2947,2952,2961,2970,2974,2990,3002,3006,3022,3040,3044,3049,3069,3090,3094,3100,3104,3121,3131,3135,3140,3149,3161,3172,3183,3194,3199,3203,3208,3228,3260,3264,3287,3291,3308,3317,3321,3326,3335,3347,3358,3369,3378,3382,3386,3428,3444,3448,3453,3481,3516,3530,3534,3539,3557,3592,3605,3610,3616,3627,3632,3638,3644,3649,3655,3664,3676,3681,3686,3691,3697,3720,3726],{"__ignoreMap":1045},[1050,2948,2949],{"class":1052,"line":1053},[1050,2950,2951],{"class":1056},"# middleware.py - CSP-based clickjacking protection\n",[1050,2953,2954,2956,2959],{"class":1052,"line":1060},[1050,2955,1983],{"class":1982},[1050,2957,2958],{"class":1986}," CSPClickjackingMiddleware",[1050,2960,1990],{"class":1063},[1050,2962,2963,2965,2968],{"class":1052,"line":1078},[1050,2964,1996],{"class":1995},[1050,2966,2967],{"class":1999},"Content Security Policy middleware for clickjacking 
protection",[1050,2969,2003],{"class":1995},[1050,2971,2972],{"class":1052,"line":1088},[1050,2973,1590],{"class":1110},[1050,2975,2976,2978,2980,2982,2984,2986,2988],{"class":1052,"line":1098},[1050,2977,2012],{"class":1982},[1050,2979,2016],{"class":2015},[1050,2981,2019],{"class":1063},[1050,2983,2023],{"class":2022},[1050,2985,2026],{"class":1063},[1050,2987,2030],{"class":2029},[1050,2989,2033],{"class":1063},[1050,2991,2992,2994,2996,2998,3000],{"class":1052,"line":1121},[1050,2993,2038],{"class":1154},[1050,2995,2041],{"class":1063},[1050,2997,2045],{"class":2044},[1050,2999,1886],{"class":1063},[1050,3001,2050],{"class":1110},[1050,3003,3004],{"class":1052,"line":1131},[1050,3005,1590],{"class":1110},[1050,3007,3008,3010,3012,3014,3016,3018,3020],{"class":1052,"line":1144},[1050,3009,2012],{"class":1982},[1050,3011,2061],{"class":2015},[1050,3013,2019],{"class":1063},[1050,3015,2023],{"class":2022},[1050,3017,2026],{"class":1063},[1050,3019,2070],{"class":2029},[1050,3021,2033],{"class":1063},[1050,3023,3024,3026,3028,3030,3032,3034,3036,3038],{"class":1052,"line":1161},[1050,3025,2077],{"class":1110},[1050,3027,1610],{"class":1063},[1050,3029,2082],{"class":1154},[1050,3031,2041],{"class":1063},[1050,3033,2045],{"class":2087},[1050,3035,2019],{"class":1063},[1050,3037,2092],{"class":2087},[1050,3039,2095],{"class":1063},[1050,3041,3042],{"class":1052,"line":1175},[1050,3043,1256],{"class":1110},[1050,3045,3046],{"class":1052,"line":1187},[1050,3047,3048],{"class":1056},"        # Build CSP policy\n",[1050,3050,3051,3054,3056,3058,3060,3063,3065,3067],{"class":1052,"line":1204},[1050,3052,3053],{"class":1110},"        csp_policy 
",[1050,3055,1610],{"class":1063},[1050,3057,2082],{"class":1154},[1050,3059,2041],{"class":1063},[1050,3061,3062],{"class":2087},"build_csp_policy",[1050,3064,2019],{"class":1063},[1050,3066,2092],{"class":2087},[1050,3068,2095],{"class":1063},[1050,3070,3071,3074,3076,3078,3081,3083,3085,3087],{"class":1052,"line":1218},[1050,3072,3073],{"class":1110},"        response",[1050,3075,2141],{"class":1063},[1050,3077,1900],{"class":1613},[1050,3079,3080],{"class":1617},"Content-Security-Policy",[1050,3082,1900],{"class":1613},[1050,3084,2150],{"class":1063},[1050,3086,1886],{"class":1063},[1050,3088,3089],{"class":1110}," csp_policy\n",[1050,3091,3092],{"class":1052,"line":1231},[1050,3093,1256],{"class":1110},[1050,3095,3096,3098],{"class":1052,"line":1247},[1050,3097,2170],{"class":2109},[1050,3099,2173],{"class":1110},[1050,3101,3102],{"class":1052,"line":1253},[1050,3103,1590],{"class":1110},[1050,3105,3106,3108,3111,3113,3115,3117,3119],{"class":1052,"line":1259},[1050,3107,2012],{"class":1982},[1050,3109,3110],{"class":2300}," build_csp_policy",[1050,3112,2019],{"class":1063},[1050,3114,2023],{"class":2022},[1050,3116,2026],{"class":1063},[1050,3118,2070],{"class":2029},[1050,3120,2033],{"class":1063},[1050,3122,3123,3126,3129],{"class":1052,"line":1269},[1050,3124,3125],{"class":1995},"        \"\"\"",[1050,3127,3128],{"class":1999},"Build CSP policy with frame-ancestors directive",[1050,3130,2003],{"class":1995},[1050,3132,3133],{"class":1052,"line":1280},[1050,3134,1256],{"class":1110},[1050,3136,3137],{"class":1052,"line":1295},[1050,3138,3139],{"class":1056},"        # Base policy directives\n",[1050,3141,3142,3145,3147],{"class":1052,"line":1309},[1050,3143,3144],{"class":1110},"        directives ",[1050,3146,1610],{"class":1063},[1050,3148,1889],{"class":1063},[1050,3150,3151,3154,3157,3159],{"class":1052,"line":1322},[1050,3152,3153],{"class":1613},"            \"",[1050,3155,3156],{"class":1617},"default-src 
'self'",[1050,3158,1614],{"class":1613},[1050,3160,1903],{"class":1063},[1050,3162,3163,3165,3168,3170],{"class":1052,"line":1336},[1050,3164,3153],{"class":1613},[1050,3166,3167],{"class":1617},"script-src 'self' 'unsafe-inline'",[1050,3169,1614],{"class":1613},[1050,3171,1903],{"class":1063},[1050,3173,3174,3176,3179,3181],{"class":1052,"line":1349},[1050,3175,3153],{"class":1613},[1050,3177,3178],{"class":1617},"style-src 'self' 'unsafe-inline'",[1050,3180,1614],{"class":1613},[1050,3182,1903],{"class":1063},[1050,3184,3185,3187,3190,3192],{"class":1052,"line":1362},[1050,3186,3153],{"class":1613},[1050,3188,3189],{"class":1617},"img-src 'self' data: https:",[1050,3191,1614],{"class":1613},[1050,3193,1903],{"class":1063},[1050,3195,3196],{"class":1052,"line":1375},[1050,3197,3198],{"class":1063},"        ]\n",[1050,3200,3201],{"class":1052,"line":1389},[1050,3202,1256],{"class":1110},[1050,3204,3205],{"class":1052,"line":1402},[1050,3206,3207],{"class":1056},"        # Frame ancestors directive (replaces X-Frame-Options)\n",[1050,3209,3210,3213,3215,3217,3219,3222,3224,3226],{"class":1052,"line":1407},[1050,3211,3212],{"class":1110},"        frame_ancestors ",[1050,3214,1610],{"class":1063},[1050,3216,2082],{"class":1154},[1050,3218,2041],{"class":1063},[1050,3220,3221],{"class":2087},"get_frame_ancestors_policy",[1050,3223,2019],{"class":1063},[1050,3225,2092],{"class":2087},[1050,3227,2095],{"class":1063},[1050,3229,3230,3233,3235,3238,3240,3243,3246,3250,3253,3256,3258],{"class":1052,"line":1412},[1050,3231,3232],{"class":1110},"        directives",[1050,3234,2041],{"class":1063},[1050,3236,3237],{"class":2087},"append",[1050,3239,2019],{"class":1063},[1050,3241,3242],{"class":1982},"f",[1050,3244,3245],{"class":1617},"\"frame-ancestors 
",[1050,3247,3249],{"class":3248},"s3h35","{",[1050,3251,3252],{"class":2087},"frame_ancestors",[1050,3254,3255],{"class":3248},"}",[1050,3257,1614],{"class":1617},[1050,3259,2095],{"class":1063},[1050,3261,3262],{"class":1052,"line":1422},[1050,3263,1256],{"class":1110},[1050,3265,3266,3268,3270,3273,3275,3277,3280,3282,3285],{"class":1052,"line":1433},[1050,3267,2170],{"class":2109},[1050,3269,1932],{"class":1613},[1050,3271,3272],{"class":1617},"; ",[1050,3274,1900],{"class":1613},[1050,3276,2041],{"class":1063},[1050,3278,3279],{"class":2087},"join",[1050,3281,2019],{"class":1063},[1050,3283,3284],{"class":2087},"directives",[1050,3286,2095],{"class":1063},[1050,3288,3289],{"class":1052,"line":1450},[1050,3290,1590],{"class":1110},[1050,3292,3293,3295,3298,3300,3302,3304,3306],{"class":1052,"line":1464},[1050,3294,2012],{"class":1982},[1050,3296,3297],{"class":2300}," get_frame_ancestors_policy",[1050,3299,2019],{"class":1063},[1050,3301,2023],{"class":2022},[1050,3303,2026],{"class":1063},[1050,3305,2070],{"class":2029},[1050,3307,2033],{"class":1063},[1050,3309,3310,3312,3315],{"class":1052,"line":1477},[1050,3311,3125],{"class":1995},[1050,3313,3314],{"class":1999},"Determine frame-ancestors policy based on request",[1050,3316,2003],{"class":1995},[1050,3318,3319],{"class":1052,"line":1490},[1050,3320,1256],{"class":1110},[1050,3322,3323],{"class":1052,"line":1505},[1050,3324,3325],{"class":1056},"        # Sensitive pages - no framing allowed\n",[1050,3327,3328,3331,3333],{"class":1052,"line":1517},[1050,3329,3330],{"class":1110},"        sensitive_paths ",[1050,3332,1610],{"class":1063},[1050,3334,1889],{"class":1063},[1050,3336,3337,3340,3343,3345],{"class":1052,"line":1522},[1050,3338,3339],{"class":1613},"            
'",[1050,3341,3342],{"class":1617},"/delete-account/",[1050,3344,1900],{"class":1613},[1050,3346,1903],{"class":1063},[1050,3348,3349,3351,3354,3356],{"class":1052,"line":1532},[1050,3350,3339],{"class":1613},[1050,3352,3353],{"class":1617},"/transfer-money/",[1050,3355,1900],{"class":1613},[1050,3357,1903],{"class":1063},[1050,3359,3360,3362,3365,3367],{"class":1052,"line":1541},[1050,3361,3339],{"class":1613},[1050,3363,3364],{"class":1617},"/admin/",[1050,3366,1900],{"class":1613},[1050,3368,1903],{"class":1063},[1050,3370,3371,3373,3376],{"class":1052,"line":1551},[1050,3372,3339],{"class":1613},[1050,3374,3375],{"class":1617},"/change-password/",[1050,3377,2701],{"class":1613},[1050,3379,3380],{"class":1052,"line":1569},[1050,3381,3198],{"class":1063},[1050,3383,3384],{"class":1052,"line":1587},[1050,3385,1256],{"class":1110},[1050,3387,3388,3390,3393,3395,3397,3399,3402,3404,3407,3409,3411,3414,3417,3420,3423,3426],{"class":1052,"line":1593},[1050,3389,2110],{"class":2109},[1050,3391,3392],{"class":2015}," any",[1050,3394,2019],{"class":1063},[1050,3396,2092],{"class":2087},[1050,3398,2041],{"class":1063},[1050,3400,3401],{"class":2044},"path",[1050,3403,2041],{"class":1063},[1050,3405,3406],{"class":2087},"startswith",[1050,3408,2019],{"class":1063},[1050,3410,3401],{"class":2087},[1050,3412,3413],{"class":1063},")",[1050,3415,3416],{"class":2109}," for",[1050,3418,3419],{"class":2087}," path ",[1050,3421,3422],{"class":2109},"in",[1050,3424,3425],{"class":2087}," sensitive_paths",[1050,3427,2033],{"class":1063},[1050,3429,3430,3433,3436,3439,3441],{"class":1052,"line":1599},[1050,3431,3432],{"class":2109},"            return",[1050,3434,3435],{"class":1613}," \"",[1050,3437,3438],{"class":1617},"'none'",[1050,3440,1614],{"class":1613},[1050,3442,3443],{"class":1056},"  # Equivalent to X-Frame-Options: 
DENY\n",[1050,3445,3446],{"class":1052,"line":1633},[1050,3447,1256],{"class":1110},[1050,3449,3450],{"class":1052,"line":1638},[1050,3451,3452],{"class":1056},"        # Widget pages - same origin only\n",[1050,3454,3455,3458,3460,3463,3465,3468,3470,3472,3474,3477,3479],{"class":1052,"line":1644},[1050,3456,3457],{"class":1110},"        widget_paths ",[1050,3459,1610],{"class":1063},[1050,3461,3462],{"class":1063}," [",[1050,3464,1900],{"class":1613},[1050,3466,3467],{"class":1617},"/widget/",[1050,3469,1900],{"class":1613},[1050,3471,2026],{"class":1063},[1050,3473,1932],{"class":1613},[1050,3475,3476],{"class":1617},"/embed/",[1050,3478,1900],{"class":1613},[1050,3480,1913],{"class":1063},[1050,3482,3483,3485,3487,3489,3491,3493,3495,3497,3499,3501,3503,3505,3507,3509,3511,3514],{"class":1052,"line":1668},[1050,3484,2110],{"class":2109},[1050,3486,3392],{"class":2015},[1050,3488,2019],{"class":1063},[1050,3490,2092],{"class":2087},[1050,3492,2041],{"class":1063},[1050,3494,3401],{"class":2044},[1050,3496,2041],{"class":1063},[1050,3498,3406],{"class":2087},[1050,3500,2019],{"class":1063},[1050,3502,3401],{"class":2087},[1050,3504,3413],{"class":1063},[1050,3506,3416],{"class":2109},[1050,3508,3419],{"class":2087},[1050,3510,3422],{"class":2109},[1050,3512,3513],{"class":2087}," widget_paths",[1050,3515,2033],{"class":1063},[1050,3517,3518,3520,3522,3525,3527],{"class":1052,"line":1684},[1050,3519,3432],{"class":2109},[1050,3521,3435],{"class":1613},[1050,3523,3524],{"class":1617},"'self'",[1050,3526,1614],{"class":1613},[1050,3528,3529],{"class":1056},"  # Equivalent to X-Frame-Options: SAMEORIGIN\n",[1050,3531,3532],{"class":1052,"line":1693},[1050,3533,1256],{"class":1110},[1050,3535,3536],{"class":1052,"line":1698},[1050,3537,3538],{"class":1056},"        # Public embeddable content\n",[1050,3540,3541,3544,3546,3548,3550,3553,3555],{"class":1052,"line":1704},[1050,3542,3543],{"class":1110},"        public_paths 
",[1050,3545,1610],{"class":1063},[1050,3547,3462],{"class":1063},[1050,3549,1900],{"class":1613},[1050,3551,3552],{"class":1617},"/public-embed/",[1050,3554,1900],{"class":1613},[1050,3556,1913],{"class":1063},[1050,3558,3559,3561,3563,3565,3567,3569,3571,3573,3575,3577,3579,3581,3583,3585,3587,3590],{"class":1052,"line":1713},[1050,3560,2110],{"class":2109},[1050,3562,3392],{"class":2015},[1050,3564,2019],{"class":1063},[1050,3566,2092],{"class":2087},[1050,3568,2041],{"class":1063},[1050,3570,3401],{"class":2044},[1050,3572,2041],{"class":1063},[1050,3574,3406],{"class":2087},[1050,3576,2019],{"class":1063},[1050,3578,3401],{"class":2087},[1050,3580,3413],{"class":1063},[1050,3582,3416],{"class":2109},[1050,3584,3419],{"class":2087},[1050,3586,3422],{"class":2109},[1050,3588,3589],{"class":2087}," public_paths",[1050,3591,2033],{"class":1063},[1050,3593,3595,3597,3599,3602],{"class":1052,"line":3594},56,[1050,3596,3432],{"class":2109},[1050,3598,3435],{"class":1613},[1050,3600,3601],{"class":1617},"'self' https://trusted-partner.com",[1050,3603,3604],{"class":1613},"\"\n",[1050,3606,3608],{"class":1052,"line":3607},57,[1050,3609,1256],{"class":1110},[1050,3611,3613],{"class":1052,"line":3612},58,[1050,3614,3615],{"class":1056},"        # Default policy\n",[1050,3617,3619,3621,3623,3625],{"class":1052,"line":3618},59,[1050,3620,2170],{"class":2109},[1050,3622,3435],{"class":1613},[1050,3624,3524],{"class":1617},[1050,3626,3604],{"class":1613},[1050,3628,3630],{"class":1052,"line":3629},60,[1050,3631,1741],{"emptyLinePlaceholder":1740},[1050,3633,3635],{"class":1052,"line":3634},61,[1050,3636,3637],{"class":1056},"# Alternative: Using django-csp package\n",[1050,3639,3641],{"class":1052,"line":3640},62,[1050,3642,3643],{"class":1056},"# pip install django-csp\n",[1050,3645,3647],{"class":1052,"line":3646},63,[1050,3648,1741],{"emptyLinePlaceholder":1740},[1050,3650,3652],{"class":1052,"line":3651},64,[1050,3653,3654],{"class":1056},"# 
settings.py\n",[1050,3656,3658,3660,3662],{"class":1052,"line":3657},65,[1050,3659,1883],{"class":1154},[1050,3661,1886],{"class":1063},[1050,3663,1889],{"class":1063},[1050,3665,3667,3669,3672,3674],{"class":1052,"line":3666},66,[1050,3668,1894],{"class":1613},[1050,3670,3671],{"class":1617},"csp.middleware.CSPMiddleware",[1050,3673,1900],{"class":1613},[1050,3675,1903],{"class":1063},[1050,3677,3679],{"class":1052,"line":3678},67,[1050,3680,1908],{"class":1056},[1050,3682,3684],{"class":1052,"line":3683},68,[1050,3685,1913],{"class":1063},[1050,3687,3689],{"class":1052,"line":3688},69,[1050,3690,1741],{"emptyLinePlaceholder":1740},[1050,3692,3694],{"class":1052,"line":3693},70,[1050,3695,3696],{"class":1056},"# CSP settings for clickjacking protection\n",[1050,3698,3700,3703,3705,3708,3710,3712,3714,3717],{"class":1052,"line":3699},71,[1050,3701,3702],{"class":1154},"CSP_FRAME_ANCESTORS",[1050,3704,1886],{"class":1063},[1050,3706,3707],{"class":1063}," (",[1050,3709,1614],{"class":1613},[1050,3711,3438],{"class":1617},[1050,3713,1614],{"class":1613},[1050,3715,3716],{"class":1063},",)",[1050,3718,3719],{"class":1056},"  # Deny all framing\n",[1050,3721,3723],{"class":1052,"line":3722},72,[1050,3724,3725],{"class":1056},"# CSP_FRAME_ANCESTORS = (\"'self'\",)  # Same origin only\n",[1050,3727,3729],{"class":1052,"line":3728},73,[1050,3730,3731],{"class":1056},"# CSP_FRAME_ANCESTORS = (\"'self'\", \"https://trusted-site.com\")  # Specific origins\n",[1035,3733,3735],{"id":3734},"dynamic-csp-policies","Dynamic CSP Policies",[1040,3737,3739],{"className":1726,"code":3738,"language":1728,"meta":1045,"style":1045},"# views.py - Dynamic CSP policies\nfrom django.http import HttpResponse\n\ndef dynamic_csp_view(request):\n    \"\"\"View with dynamic CSP policy\"\"\"\n    \n    # Determine CSP policy based on user or content\n    if request.user.is_staff:\n        # Staff users - more restrictive\n        csp_policy = \"frame-ancestors 'none'\"\n    elif 
request.GET.get('embed') == 'true':\n        # Embed mode - allow trusted partners\n        csp_policy = \"frame-ancestors 'self' https://partner.example.com\"\n    else:\n        # Regular users - same origin only\n        csp_policy = \"frame-ancestors 'self'\"\n    \n    response = render(request, 'dynamic_content.html')\n    response['Content-Security-Policy'] = f\"default-src 'self'; {csp_policy}\"\n    \n    return response\n\n# Decorator for CSP policies\ndef csp_frame_ancestors(*ancestors):\n    \"\"\"Decorator to set CSP frame-ancestors policy\"\"\"\n    def decorator(view_func):\n        def wrapper(request, *args, **kwargs):\n            response = view_func(request, *args, **kwargs)\n            \n            ancestors_str = ' '.join(ancestors)\n            csp = f\"frame-ancestors {ancestors_str}\"\n            \n            # Add to existing CSP or create new one\n            existing_csp = response.get('Content-Security-Policy', '')\n            if existing_csp:\n                response['Content-Security-Policy'] = f\"{existing_csp}; {csp}\"\n            else:\n                response['Content-Security-Policy'] = f\"default-src 'self'; {csp}\"\n            \n            return response\n        return wrapper\n    return decorator\n\n# Usage\n@csp_frame_ancestors(\"'none'\")\ndef ultra_sensitive_view(request):\n    \"\"\"View that should never be framed\"\"\"\n    return render(request, 'ultra_sensitive.html')\n\n@csp_frame_ancestors(\"'self'\", \"https://trusted-partner.com\")\ndef partner_embeddable_view(request):\n    \"\"\"View that can be embedded by trusted partners\"\"\"\n    return render(request, 
'partner_widget.html')\n",[1047,3740,3741,3746,3762,3766,3779,3788,3792,3797,3814,3819,3832,3870,3875,3888,3895,3900,3913,3917,3941,3973,3977,3983,3987,3992,4009,4018,4032,4060,4088,4093,4114,4134,4138,4143,4171,4181,4220,4227,4255,4259,4265,4272,4279,4283,4288,4305,4318,4326,4347,4351,4376,4389,4398],{"__ignoreMap":1045},[1050,3742,3743],{"class":1052,"line":1053},[1050,3744,3745],{"class":1056},"# views.py - Dynamic CSP policies\n",[1050,3747,3748,3750,3752,3754,3757,3759],{"class":1052,"line":1060},[1050,3749,2241],{"class":2109},[1050,3751,2244],{"class":1110},[1050,3753,2041],{"class":1063},[1050,3755,3756],{"class":1110},"http ",[1050,3758,2262],{"class":2109},[1050,3760,3761],{"class":1110}," HttpResponse\n",[1050,3763,3764],{"class":1052,"line":1078},[1050,3765,1741],{"emptyLinePlaceholder":1740},[1050,3767,3768,3770,3773,3775,3777],{"class":1052,"line":1088},[1050,3769,2306],{"class":1982},[1050,3771,3772],{"class":2300}," dynamic_csp_view",[1050,3774,2019],{"class":1063},[1050,3776,2092],{"class":2029},[1050,3778,2033],{"class":1063},[1050,3780,3781,3783,3786],{"class":1052,"line":1098},[1050,3782,1996],{"class":1995},[1050,3784,3785],{"class":1999},"View with dynamic CSP policy",[1050,3787,2003],{"class":1995},[1050,3789,3790],{"class":1052,"line":1121},[1050,3791,1590],{"class":1110},[1050,3793,3794],{"class":1052,"line":1131},[1050,3795,3796],{"class":1056},"    # Determine CSP policy based on user or content\n",[1050,3798,3799,3801,3803,3805,3807,3809,3812],{"class":1052,"line":1144},[1050,3800,2329],{"class":2109},[1050,3802,2070],{"class":1110},[1050,3804,2041],{"class":1063},[1050,3806,2363],{"class":2044},[1050,3808,2041],{"class":1063},[1050,3810,3811],{"class":2044},"is_staff",[1050,3813,1990],{"class":1063},[1050,3815,3816],{"class":1052,"line":1161},[1050,3817,3818],{"class":1056},"        # Staff users - more 
restrictive\n",[1050,3820,3821,3823,3825,3827,3830],{"class":1052,"line":1175},[1050,3822,3053],{"class":1110},[1050,3824,1610],{"class":1063},[1050,3826,3435],{"class":1613},[1050,3828,3829],{"class":1617},"frame-ancestors 'none'",[1050,3831,3604],{"class":1613},[1050,3833,3834,3837,3839,3841,3844,3846,3848,3850,3852,3855,3857,3859,3861,3863,3866,3868],{"class":1052,"line":1187},[1050,3835,3836],{"class":2109},"    elif",[1050,3838,2070],{"class":1110},[1050,3840,2041],{"class":1063},[1050,3842,3843],{"class":2160},"GET",[1050,3845,2041],{"class":1063},[1050,3847,2122],{"class":2087},[1050,3849,2019],{"class":1063},[1050,3851,1900],{"class":1613},[1050,3853,3854],{"class":1617},"embed",[1050,3856,1900],{"class":1613},[1050,3858,3413],{"class":1063},[1050,3860,2339],{"class":2113},[1050,3862,1932],{"class":1613},[1050,3864,3865],{"class":1617},"true",[1050,3867,1900],{"class":1613},[1050,3869,1990],{"class":1063},[1050,3871,3872],{"class":1052,"line":1204},[1050,3873,3874],{"class":1056},"        # Embed mode - allow trusted partners\n",[1050,3876,3877,3879,3881,3883,3886],{"class":1052,"line":1218},[1050,3878,3053],{"class":1110},[1050,3880,1610],{"class":1063},[1050,3882,3435],{"class":1613},[1050,3884,3885],{"class":1617},"frame-ancestors 'self' https://partner.example.com",[1050,3887,3604],{"class":1613},[1050,3889,3890,3893],{"class":1052,"line":1231},[1050,3891,3892],{"class":2109},"    else",[1050,3894,1990],{"class":1063},[1050,3896,3897],{"class":1052,"line":1247},[1050,3898,3899],{"class":1056},"        # Regular users - same origin only\n",[1050,3901,3902,3904,3906,3908,3911],{"class":1052,"line":1253},[1050,3903,3053],{"class":1110},[1050,3905,1610],{"class":1063},[1050,3907,3435],{"class":1613},[1050,3909,3910],{"class":1617},"frame-ancestors 
'self'",[1050,3912,3604],{"class":1613},[1050,3914,3915],{"class":1052,"line":1259},[1050,3916,1590],{"class":1110},[1050,3918,3919,3922,3924,3926,3928,3930,3932,3934,3937,3939],{"class":1052,"line":1269},[1050,3920,3921],{"class":1110},"    response ",[1050,3923,1610],{"class":1063},[1050,3925,2401],{"class":2087},[1050,3927,2019],{"class":1063},[1050,3929,2092],{"class":2087},[1050,3931,2026],{"class":1063},[1050,3933,1932],{"class":1613},[1050,3935,3936],{"class":1617},"dynamic_content.html",[1050,3938,1900],{"class":1613},[1050,3940,2095],{"class":1063},[1050,3942,3943,3946,3948,3950,3952,3954,3956,3958,3961,3964,3966,3969,3971],{"class":1052,"line":1280},[1050,3944,3945],{"class":1110},"    response",[1050,3947,2141],{"class":1063},[1050,3949,1900],{"class":1613},[1050,3951,3080],{"class":1617},[1050,3953,1900],{"class":1613},[1050,3955,2150],{"class":1063},[1050,3957,1886],{"class":1063},[1050,3959,3960],{"class":1982}," f",[1050,3962,3963],{"class":1617},"\"default-src 'self'; ",[1050,3965,3249],{"class":3248},[1050,3967,3968],{"class":1110},"csp_policy",[1050,3970,3255],{"class":3248},[1050,3972,3604],{"class":1617},[1050,3974,3975],{"class":1052,"line":1295},[1050,3976,1590],{"class":1110},[1050,3978,3979,3981],{"class":1052,"line":1309},[1050,3980,2398],{"class":2109},[1050,3982,2173],{"class":1110},[1050,3984,3985],{"class":1052,"line":1322},[1050,3986,1741],{"emptyLinePlaceholder":1740},[1050,3988,3989],{"class":1052,"line":1336},[1050,3990,3991],{"class":1056},"# Decorator for CSP policies\n",[1050,3993,3994,3996,3999,4001,4004,4007],{"class":1052,"line":1349},[1050,3995,2306],{"class":1982},[1050,3997,3998],{"class":2300}," csp_frame_ancestors",[1050,4000,2019],{"class":1063},[1050,4002,4003],{"class":2113},"*",[1050,4005,4006],{"class":2029},"ancestors",[1050,4008,2033],{"class":1063},[1050,4010,4011,4013,4016],{"class":1052,"line":1362},[1050,4012,1996],{"class":1995},[1050,4014,4015],{"class":1999},"Decorator to set CSP frame-ancestors 
policy",[1050,4017,2003],{"class":1995},[1050,4019,4020,4022,4025,4027,4030],{"class":1052,"line":1375},[1050,4021,2012],{"class":1982},[1050,4023,4024],{"class":2300}," decorator",[1050,4026,2019],{"class":1063},[1050,4028,4029],{"class":2029},"view_func",[1050,4031,2033],{"class":1063},[1050,4033,4034,4037,4040,4042,4044,4046,4049,4052,4054,4056,4058],{"class":1052,"line":1389},[1050,4035,4036],{"class":1982},"        def",[1050,4038,4039],{"class":2300}," wrapper",[1050,4041,2019],{"class":1063},[1050,4043,2092],{"class":2029},[1050,4045,2026],{"class":1063},[1050,4047,4048],{"class":2113}," *",[1050,4050,4051],{"class":2029},"args",[1050,4053,2026],{"class":1063},[1050,4055,2868],{"class":2113},[1050,4057,2871],{"class":2029},[1050,4059,2033],{"class":1063},[1050,4061,4062,4065,4067,4070,4072,4074,4076,4078,4080,4082,4084,4086],{"class":1052,"line":1402},[1050,4063,4064],{"class":1110},"            response ",[1050,4066,1610],{"class":1063},[1050,4068,4069],{"class":2087}," view_func",[1050,4071,2019],{"class":1063},[1050,4073,2092],{"class":2087},[1050,4075,2026],{"class":1063},[1050,4077,4048],{"class":2113},[1050,4079,4051],{"class":2087},[1050,4081,2026],{"class":1063},[1050,4083,2868],{"class":2113},[1050,4085,2871],{"class":2087},[1050,4087,2095],{"class":1063},[1050,4089,4090],{"class":1052,"line":1407},[1050,4091,4092],{"class":1110},"            \n",[1050,4094,4095,4098,4100,4102,4104,4106,4108,4110,4112],{"class":1052,"line":1412},[1050,4096,4097],{"class":1110},"            ancestors_str ",[1050,4099,1610],{"class":1063},[1050,4101,1932],{"class":1613},[1050,4103,1932],{"class":1613},[1050,4105,2041],{"class":1063},[1050,4107,3279],{"class":2087},[1050,4109,2019],{"class":1063},[1050,4111,4006],{"class":2087},[1050,4113,2095],{"class":1063},[1050,4115,4116,4119,4121,4123,4125,4127,4130,4132],{"class":1052,"line":1422},[1050,4117,4118],{"class":1110},"            csp 
",[1050,4120,1610],{"class":1063},[1050,4122,3960],{"class":1982},[1050,4124,3245],{"class":1617},[1050,4126,3249],{"class":3248},[1050,4128,4129],{"class":1110},"ancestors_str",[1050,4131,3255],{"class":3248},[1050,4133,3604],{"class":1617},[1050,4135,4136],{"class":1052,"line":1433},[1050,4137,4092],{"class":1110},[1050,4139,4140],{"class":1052,"line":1450},[1050,4141,4142],{"class":1056},"            # Add to existing CSP or create new one\n",[1050,4144,4145,4148,4150,4152,4154,4156,4158,4160,4162,4164,4166,4169],{"class":1052,"line":1464},[1050,4146,4147],{"class":1110},"            existing_csp ",[1050,4149,1610],{"class":1063},[1050,4151,2117],{"class":1110},[1050,4153,2041],{"class":1063},[1050,4155,2122],{"class":2087},[1050,4157,2019],{"class":1063},[1050,4159,1900],{"class":1613},[1050,4161,3080],{"class":1617},[1050,4163,1900],{"class":1613},[1050,4165,2026],{"class":1063},[1050,4167,4168],{"class":1613}," ''",[1050,4170,2095],{"class":1063},[1050,4172,4173,4176,4179],{"class":1052,"line":1477},[1050,4174,4175],{"class":2109},"            if",[1050,4177,4178],{"class":1110}," existing_csp",[1050,4180,1990],{"class":1063},[1050,4182,4183,4186,4188,4190,4192,4194,4196,4198,4200,4202,4204,4207,4209,4211,4213,4216,4218],{"class":1052,"line":1490},[1050,4184,4185],{"class":1110},"                response",[1050,4187,2141],{"class":1063},[1050,4189,1900],{"class":1613},[1050,4191,3080],{"class":1617},[1050,4193,1900],{"class":1613},[1050,4195,2150],{"class":1063},[1050,4197,1886],{"class":1063},[1050,4199,3960],{"class":1982},[1050,4201,1614],{"class":1617},[1050,4203,3249],{"class":3248},[1050,4205,4206],{"class":1110},"existing_csp",[1050,4208,3255],{"class":3248},[1050,4210,3272],{"class":1617},[1050,4212,3249],{"class":3248},[1050,4214,4215],{"class":1110},"csp",[1050,4217,3255],{"class":3248},[1050,4219,3604],{"class":1617},[1050,4221,4222,4225],{"class":1052,"line":1505},[1050,4223,4224],{"class":2109},"            
else",[1050,4226,1990],{"class":1063},[1050,4228,4229,4231,4233,4235,4237,4239,4241,4243,4245,4247,4249,4251,4253],{"class":1052,"line":1517},[1050,4230,4185],{"class":1110},[1050,4232,2141],{"class":1063},[1050,4234,1900],{"class":1613},[1050,4236,3080],{"class":1617},[1050,4238,1900],{"class":1613},[1050,4240,2150],{"class":1063},[1050,4242,1886],{"class":1063},[1050,4244,3960],{"class":1982},[1050,4246,3963],{"class":1617},[1050,4248,3249],{"class":3248},[1050,4250,4215],{"class":1110},[1050,4252,3255],{"class":3248},[1050,4254,3604],{"class":1617},[1050,4256,4257],{"class":1052,"line":1522},[1050,4258,4092],{"class":1110},[1050,4260,4261,4263],{"class":1052,"line":1532},[1050,4262,3432],{"class":2109},[1050,4264,2173],{"class":1110},[1050,4266,4267,4269],{"class":1052,"line":1541},[1050,4268,2170],{"class":2109},[1050,4270,4271],{"class":1110}," wrapper\n",[1050,4273,4274,4276],{"class":1052,"line":1551},[1050,4275,2398],{"class":2109},[1050,4277,4278],{"class":1110}," decorator\n",[1050,4280,4281],{"class":1052,"line":1569},[1050,4282,1741],{"emptyLinePlaceholder":1740},[1050,4284,4285],{"class":1052,"line":1587},[1050,4286,4287],{"class":1056},"# Usage\n",[1050,4289,4290,4292,4295,4297,4299,4301,4303],{"class":1052,"line":1593},[1050,4291,2297],{"class":1063},[1050,4293,4294],{"class":2300},"csp_frame_ancestors",[1050,4296,2019],{"class":1063},[1050,4298,1614],{"class":1613},[1050,4300,3438],{"class":1617},[1050,4302,1614],{"class":1613},[1050,4304,2095],{"class":1063},[1050,4306,4307,4309,4312,4314,4316],{"class":1052,"line":1599},[1050,4308,2306],{"class":1982},[1050,4310,4311],{"class":2300}," 
ultra_sensitive_view",[1050,4313,2019],{"class":1063},[1050,4315,2092],{"class":2029},[1050,4317,2033],{"class":1063},[1050,4319,4320,4322,4324],{"class":1052,"line":1633},[1050,4321,1996],{"class":1995},[1050,4323,2322],{"class":1999},[1050,4325,2003],{"class":1995},[1050,4327,4328,4330,4332,4334,4336,4338,4340,4343,4345],{"class":1052,"line":1638},[1050,4329,2398],{"class":2109},[1050,4331,2401],{"class":2087},[1050,4333,2019],{"class":1063},[1050,4335,2092],{"class":2087},[1050,4337,2026],{"class":1063},[1050,4339,1932],{"class":1613},[1050,4341,4342],{"class":1617},"ultra_sensitive.html",[1050,4344,1900],{"class":1613},[1050,4346,2095],{"class":1063},[1050,4348,4349],{"class":1052,"line":1644},[1050,4350,1741],{"emptyLinePlaceholder":1740},[1050,4352,4353,4355,4357,4359,4361,4363,4365,4367,4369,4372,4374],{"class":1052,"line":1668},[1050,4354,2297],{"class":1063},[1050,4356,4294],{"class":2300},[1050,4358,2019],{"class":1063},[1050,4360,1614],{"class":1613},[1050,4362,3524],{"class":1617},[1050,4364,1614],{"class":1613},[1050,4366,2026],{"class":1063},[1050,4368,3435],{"class":1613},[1050,4370,4371],{"class":1617},"https://trusted-partner.com",[1050,4373,1614],{"class":1613},[1050,4375,2095],{"class":1063},[1050,4377,4378,4380,4383,4385,4387],{"class":1052,"line":1684},[1050,4379,2306],{"class":1982},[1050,4381,4382],{"class":2300}," partner_embeddable_view",[1050,4384,2019],{"class":1063},[1050,4386,2092],{"class":2029},[1050,4388,2033],{"class":1063},[1050,4390,4391,4393,4396],{"class":1052,"line":1693},[1050,4392,1996],{"class":1995},[1050,4394,4395],{"class":1999},"View that can be embedded by trusted 
partners",[1050,4397,2003],{"class":1995},[1050,4399,4400,4402,4404,4406,4408,4410,4412,4415,4417],{"class":1052,"line":1698},[1050,4401,2398],{"class":2109},[1050,4403,2401],{"class":2087},[1050,4405,2019],{"class":1063},[1050,4407,2092],{"class":2087},[1050,4409,2026],{"class":1063},[1050,4411,1932],{"class":1613},[1050,4413,4414],{"class":1617},"partner_widget.html",[1050,4416,1900],{"class":1613},[1050,4418,2095],{"class":1063},[1030,4420,4422],{"id":4421},"advanced-clickjacking-protection","Advanced Clickjacking Protection",[1035,4424,4426],{"id":4425},"javascript-based-protection","JavaScript-Based Protection",[1040,4428,4432],{"className":4429,"code":4430,"language":4431,"meta":1045,"style":1045},"language-javascript shiki shiki-themes material-theme-lighter vitesse-light vitesse-dark","// static/js/clickjacking-protection.js\n(function() {\n    'use strict';\n    \n    // Frame busting code (legacy fallback; keep the X-Frame-Options / CSP frame-ancestors headers as the primary defense)\n    function preventClickjacking() {\n        // Check if page is in a frame\n        if (window.top !== window.self) {\n            \n            // Method 1: Break out of frame\n            try {\n                window.top.location = window.self.location;\n            } catch (e) {\n                // If we can't access parent, hide content\n                document.body.style.display = 'none';\n                \n                // Show warning message\n                var warning = document.createElement('div');\n                warning.innerHTML = 'This page cannot be displayed in a frame for security reasons.';\n                warning.style.cssText = 'position:fixed;top:0;left:0;width:100%;height:100%;background:red;color:white;text-align:center;padding:50px;z-index:999999;';\n                document.body.appendChild(warning);\n            }\n        }\n    }\n    \n    // Enhanced frame detection\n    function detectFraming() {\n        var isFramed = false;\n        \n        try {\n            isFramed = (window.top !== window.self);\n        } catch (e) {\n  
          isFramed = true; // Cross-origin frame\n        }\n        \n        if (isFramed) {\n            // Log potential clickjacking attempt\n            if (console && console.warn) {\n                console.warn('Potential clickjacking attempt detected');\n            }\n            \n            // Send alert to server\n            fetch('/security/clickjacking-attempt/', {\n                method: 'POST',\n                headers: {\n                    'Content-Type': 'application/json',\n                    'X-CSRFToken': getCsrfToken()\n                },\n                body: JSON.stringify({\n                    'referrer': document.referrer,\n                    'user_agent': navigator.userAgent,\n                    'timestamp': new Date().toISOString()\n                })\n            });\n            \n            return true;\n        }\n        \n        return false;\n    }\n    \n    // Run protection on page load\n    if (document.readyState === 'loading') {\n        document.addEventListener('DOMContentLoaded', preventClickjacking);\n    } else {\n        preventClickjacking();\n    }\n    \n    // Continuous monitoring\n    setInterval(function() {\n        if (detectFraming()) {\n            preventClickjacking();\n        }\n    }, 1000);\n    \n    // Helper function to get CSRF token\n    function getCsrfToken() {\n        var cookies = document.cookie.split(';');\n        for (var i = 0; i \u003C cookies.length; i++) {\n            var cookie = cookies[i].trim();\n            if (cookie.indexOf('csrftoken=') === 0) {\n                return cookie.substring('csrftoken='.length);\n            }\n        }\n        return '';\n    
}\n})();\n","javascript",[1047,4433,4434,4439,4452,4463,4467,4472,4484,4489,4519,4523,4528,4535,4563,4580,4585,4614,4619,4624,4654,4675,4699,4721,4726,4730,4735,4739,4744,4755,4771,4775,4782,4809,4824,4838,4842,4846,4859,4864,4888,4910,4914,4918,4923,4941,4957,4966,4988,5004,5009,5029,5048,5069,5095,5102,5110,5114,5122,5126,5130,5138,5142,5146,5151,5179,5206,5216,5225,5229,5233,5238,5251,5265,5274,5278,5290,5295,5301,5312,5346,5390,5419,5452,5481,5486,5491,5500,5505],{"__ignoreMap":1045},[1050,4435,4436],{"class":1052,"line":1053},[1050,4437,4438],{"class":1056},"// static/js/clickjacking-protection.js\n",[1050,4440,4441,4444,4447,4450],{"class":1052,"line":1060},[1050,4442,2019],{"class":4443},"snCua",[1050,4445,4446],{"class":1982},"function",[1050,4448,4449],{"class":1063},"()",[1050,4451,1141],{"class":1063},[1050,4453,4454,4456,4459,4461],{"class":1052,"line":1078},[1050,4455,1894],{"class":1613},[1050,4457,4458],{"class":1617},"use strict",[1050,4460,1900],{"class":1613},[1050,4462,1158],{"class":1063},[1050,4464,4465],{"class":1052,"line":1088},[1050,4466,1590],{"class":2044},[1050,4468,4469],{"class":1052,"line":1098},[1050,4470,4471],{"class":1056},"    // Frame busting code (legacy fallback; keep the X-Frame-Options / CSP frame-ancestors headers as the primary defense)\n",[1050,4473,4474,4477,4480,4482],{"class":1052,"line":1121},[1050,4475,4476],{"class":1982},"    function",[1050,4478,4479],{"class":2300}," preventClickjacking",[1050,4481,4449],{"class":1063},[1050,4483,1141],{"class":1063},[1050,4485,4486],{"class":1052,"line":1131},[1050,4487,4488],{"class":1056},"        // Check if page is in a frame\n",[1050,4490,4491,4493,4496,4500,4502,4505,4508,4511,4513,4515,4517],{"class":1052,"line":1144},[1050,4492,2110],{"class":2109},[1050,4494,3707],{"class":4495},"sLdnO",[1050,4497,4499],{"class":4498},"sSC40","window",[1050,4501,2041],{"class":1063},[1050,4503,4504],{"class":4498},"top",[1050,4506,4507],{"class":2113}," !==",[1050,4509,4510],{"class":4498}," 
window",[1050,4512,2041],{"class":1063},[1050,4514,2023],{"class":4498},[1050,4516,3413],{"class":4495},[1050,4518,1141],{"class":1063},[1050,4520,4521],{"class":1052,"line":1161},[1050,4522,4092],{"class":2044},[1050,4524,4525],{"class":1052,"line":1175},[1050,4526,4527],{"class":1056},"            // Method 1: Break out of frame\n",[1050,4529,4530,4533],{"class":1052,"line":1187},[1050,4531,4532],{"class":2109},"            try",[1050,4534,1141],{"class":1063},[1050,4536,4537,4540,4542,4544,4546,4549,4551,4553,4555,4557,4559,4561],{"class":1052,"line":1204},[1050,4538,4539],{"class":4498},"                window",[1050,4541,2041],{"class":1063},[1050,4543,4504],{"class":4498},[1050,4545,2041],{"class":1063},[1050,4547,4548],{"class":4498},"location",[1050,4550,1886],{"class":1063},[1050,4552,4510],{"class":4498},[1050,4554,2041],{"class":1063},[1050,4556,2023],{"class":4498},[1050,4558,2041],{"class":1063},[1050,4560,4548],{"class":4498},[1050,4562,1158],{"class":1063},[1050,4564,4565,4568,4571,4573,4576,4578],{"class":1052,"line":1218},[1050,4566,4567],{"class":1063},"            }",[1050,4569,4570],{"class":2109}," catch",[1050,4572,3707],{"class":4495},[1050,4574,4575],{"class":4498},"e",[1050,4577,3413],{"class":4495},[1050,4579,1141],{"class":1063},[1050,4581,4582],{"class":1052,"line":1231},[1050,4583,4584],{"class":1056},"                // If we can't access parent, hide content\n",[1050,4586,4587,4590,4592,4594,4596,4598,4600,4603,4605,4607,4610,4612],{"class":1052,"line":1247},[1050,4588,4589],{"class":4498},"                
document",[1050,4591,2041],{"class":1063},[1050,4593,1546],{"class":4498},[1050,4595,2041],{"class":1063},[1050,4597,1126],{"class":4498},[1050,4599,2041],{"class":1063},[1050,4601,4602],{"class":4498},"display",[1050,4604,1886],{"class":1063},[1050,4606,1932],{"class":1613},[1050,4608,4609],{"class":1617},"none",[1050,4611,1900],{"class":1613},[1050,4613,1158],{"class":1063},[1050,4615,4616],{"class":1052,"line":1253},[1050,4617,4618],{"class":2044},"                \n",[1050,4620,4621],{"class":1052,"line":1259},[1050,4622,4623],{"class":1056},"                // Show warning message\n",[1050,4625,4626,4629,4632,4634,4637,4639,4642,4644,4646,4648,4650,4652],{"class":1052,"line":1269},[1050,4627,4628],{"class":1982},"                var",[1050,4630,4631],{"class":4498}," warning",[1050,4633,1886],{"class":1063},[1050,4635,4636],{"class":4498}," document",[1050,4638,2041],{"class":1063},[1050,4640,4641],{"class":2300},"createElement",[1050,4643,2019],{"class":4495},[1050,4645,1900],{"class":1613},[1050,4647,1604],{"class":1617},[1050,4649,1900],{"class":1613},[1050,4651,3413],{"class":4495},[1050,4653,1158],{"class":1063},[1050,4655,4656,4659,4661,4664,4666,4668,4671,4673],{"class":1052,"line":1280},[1050,4657,4658],{"class":4498},"                warning",[1050,4660,2041],{"class":1063},[1050,4662,4663],{"class":4498},"innerHTML",[1050,4665,1886],{"class":1063},[1050,4667,1932],{"class":1613},[1050,4669,4670],{"class":1617},"This page cannot be displayed in a frame for security 
reasons.",[1050,4672,1900],{"class":1613},[1050,4674,1158],{"class":1063},[1050,4676,4677,4679,4681,4683,4685,4688,4690,4692,4695,4697],{"class":1052,"line":1295},[1050,4678,4658],{"class":4498},[1050,4680,2041],{"class":1063},[1050,4682,1126],{"class":4498},[1050,4684,2041],{"class":1063},[1050,4686,4687],{"class":4498},"cssText",[1050,4689,1886],{"class":1063},[1050,4691,1932],{"class":1613},[1050,4693,4694],{"class":1617},"position:fixed;top:0;left:0;width:100%;height:100%;background:red;color:white;text-align:center;padding:50px;z-index:999999;",[1050,4696,1900],{"class":1613},[1050,4698,1158],{"class":1063},[1050,4700,4701,4703,4705,4707,4709,4712,4714,4717,4719],{"class":1052,"line":1309},[1050,4702,4589],{"class":4498},[1050,4704,2041],{"class":1063},[1050,4706,1546],{"class":4498},[1050,4708,2041],{"class":1063},[1050,4710,4711],{"class":2300},"appendChild",[1050,4713,2019],{"class":4495},[1050,4715,4716],{"class":4498},"warning",[1050,4718,3413],{"class":4495},[1050,4720,1158],{"class":1063},[1050,4722,4723],{"class":1052,"line":1322},[1050,4724,4725],{"class":1063},"            }\n",[1050,4727,4728],{"class":1052,"line":1336},[1050,4729,1250],{"class":1063},[1050,4731,4732],{"class":1052,"line":1349},[1050,4733,4734],{"class":1063},"    }\n",[1050,4736,4737],{"class":1052,"line":1362},[1050,4738,1590],{"class":2044},[1050,4740,4741],{"class":1052,"line":1375},[1050,4742,4743],{"class":1056},"    // Enhanced frame detection\n",[1050,4745,4746,4748,4751,4753],{"class":1052,"line":1389},[1050,4747,4476],{"class":1982},[1050,4749,4750],{"class":2300}," detectFraming",[1050,4752,4449],{"class":1063},[1050,4754,1141],{"class":1063},[1050,4756,4757,4760,4763,4765,4769],{"class":1052,"line":1402},[1050,4758,4759],{"class":1982},"        var",[1050,4761,4762],{"class":4498}," isFramed",[1050,4764,1886],{"class":1063},[1050,4766,4768],{"class":4767},"sq3J1"," 
false",[1050,4770,1158],{"class":1063},[1050,4772,4773],{"class":1052,"line":1407},[1050,4774,1256],{"class":2044},[1050,4776,4777,4780],{"class":1052,"line":1412},[1050,4778,4779],{"class":2109},"        try",[1050,4781,1141],{"class":1063},[1050,4783,4784,4787,4789,4791,4793,4795,4797,4799,4801,4803,4805,4807],{"class":1052,"line":1422},[1050,4785,4786],{"class":4498},"            isFramed",[1050,4788,1886],{"class":1063},[1050,4790,3707],{"class":4495},[1050,4792,4499],{"class":4498},[1050,4794,2041],{"class":1063},[1050,4796,4504],{"class":4498},[1050,4798,4507],{"class":2113},[1050,4800,4510],{"class":4498},[1050,4802,2041],{"class":1063},[1050,4804,2023],{"class":4498},[1050,4806,3413],{"class":4495},[1050,4808,1158],{"class":1063},[1050,4810,4811,4814,4816,4818,4820,4822],{"class":1052,"line":1433},[1050,4812,4813],{"class":1063},"        }",[1050,4815,4570],{"class":2109},[1050,4817,3707],{"class":4495},[1050,4819,4575],{"class":4498},[1050,4821,3413],{"class":4495},[1050,4823,1141],{"class":1063},[1050,4825,4826,4828,4830,4833,4835],{"class":1052,"line":1450},[1050,4827,4786],{"class":4498},[1050,4829,1886],{"class":1063},[1050,4831,4832],{"class":4767}," true",[1050,4834,1241],{"class":1063},[1050,4836,4837],{"class":1056}," // Cross-origin frame\n",[1050,4839,4840],{"class":1052,"line":1464},[1050,4841,1250],{"class":1063},[1050,4843,4844],{"class":1052,"line":1477},[1050,4845,1256],{"class":2044},[1050,4847,4848,4850,4852,4855,4857],{"class":1052,"line":1490},[1050,4849,2110],{"class":2109},[1050,4851,3707],{"class":4495},[1050,4853,4854],{"class":4498},"isFramed",[1050,4856,3413],{"class":4495},[1050,4858,1141],{"class":1063},[1050,4860,4861],{"class":1052,"line":1505},[1050,4862,4863],{"class":1056},"            // Log potential clickjacking 
attempt\n",[1050,4865,4866,4868,4870,4873,4876,4879,4881,4884,4886],{"class":1052,"line":1517},[1050,4867,4175],{"class":2109},[1050,4869,3707],{"class":4495},[1050,4871,4872],{"class":4498},"console",[1050,4874,4875],{"class":2113}," &&",[1050,4877,4878],{"class":4498}," console",[1050,4880,2041],{"class":1063},[1050,4882,4883],{"class":4498},"warn",[1050,4885,3413],{"class":4495},[1050,4887,1141],{"class":1063},[1050,4889,4890,4893,4895,4897,4899,4901,4904,4906,4908],{"class":1052,"line":1522},[1050,4891,4892],{"class":4498},"                console",[1050,4894,2041],{"class":1063},[1050,4896,4883],{"class":2300},[1050,4898,2019],{"class":4495},[1050,4900,1900],{"class":1613},[1050,4902,4903],{"class":1617},"Potential clickjacking attempt detected",[1050,4905,1900],{"class":1613},[1050,4907,3413],{"class":4495},[1050,4909,1158],{"class":1063},[1050,4911,4912],{"class":1052,"line":1532},[1050,4913,4725],{"class":1063},[1050,4915,4916],{"class":1052,"line":1541},[1050,4917,4092],{"class":2044},[1050,4919,4920],{"class":1052,"line":1551},[1050,4921,4922],{"class":1056},"            // Send alert to server\n",[1050,4924,4925,4928,4930,4932,4935,4937,4939],{"class":1052,"line":1569},[1050,4926,4927],{"class":2300},"            fetch",[1050,4929,2019],{"class":4495},[1050,4931,1900],{"class":1613},[1050,4933,4934],{"class":1617},"/security/clickjacking-attempt/",[1050,4936,1900],{"class":1613},[1050,4938,2026],{"class":1063},[1050,4940,1141],{"class":1063},[1050,4942,4943,4947,4949,4951,4953,4955],{"class":1052,"line":1587},[1050,4944,4946],{"class":4945},"suXOh","                method",[1050,4948,1151],{"class":1063},[1050,4950,1932],{"class":1613},[1050,4952,2344],{"class":1617},[1050,4954,1900],{"class":1613},[1050,4956,1903],{"class":1063},[1050,4958,4959,4962,4964],{"class":1052,"line":1593},[1050,4960,4961],{"class":4945},"                
headers",[1050,4963,1151],{"class":1063},[1050,4965,1141],{"class":1063},[1050,4967,4968,4971,4975,4977,4979,4981,4984,4986],{"class":1052,"line":1599},[1050,4969,4970],{"class":1613},"                    '",[1050,4972,4974],{"class":4973},"sQtxO","Content-Type",[1050,4976,1900],{"class":1613},[1050,4978,1151],{"class":1063},[1050,4980,1932],{"class":1613},[1050,4982,4983],{"class":1617},"application/json",[1050,4985,1900],{"class":1613},[1050,4987,1903],{"class":1063},[1050,4989,4990,4992,4995,4997,4999,5002],{"class":1052,"line":1633},[1050,4991,4970],{"class":1613},[1050,4993,4994],{"class":4973},"X-CSRFToken",[1050,4996,1900],{"class":1613},[1050,4998,1151],{"class":1063},[1050,5000,5001],{"class":2300}," getCsrfToken",[1050,5003,2371],{"class":4495},[1050,5005,5006],{"class":1052,"line":1638},[1050,5007,5008],{"class":1063},"                },\n",[1050,5010,5011,5014,5016,5019,5021,5024,5026],{"class":1052,"line":1644},[1050,5012,5013],{"class":4945},"                body",[1050,5015,1151],{"class":1063},[1050,5017,5018],{"class":4498}," JSON",[1050,5020,2041],{"class":1063},[1050,5022,5023],{"class":2300},"stringify",[1050,5025,2019],{"class":4495},[1050,5027,5028],{"class":1063},"{\n",[1050,5030,5031,5033,5036,5038,5040,5042,5044,5046],{"class":1052,"line":1668},[1050,5032,4970],{"class":1613},[1050,5034,5035],{"class":4973},"referrer",[1050,5037,1900],{"class":1613},[1050,5039,1151],{"class":1063},[1050,5041,4636],{"class":4498},[1050,5043,2041],{"class":1063},[1050,5045,5035],{"class":4498},[1050,5047,1903],{"class":1063},[1050,5049,5050,5052,5055,5057,5059,5062,5064,5067],{"class":1052,"line":1684},[1050,5051,4970],{"class":1613},[1050,5053,5054],{"class":4973},"user_agent",[1050,5056,1900],{"class":1613},[1050,5058,1151],{"class":1063},[1050,5060,5061],{"class":4498}," 
navigator",[1050,5063,2041],{"class":1063},[1050,5065,5066],{"class":4498},"userAgent",[1050,5068,1903],{"class":1063},[1050,5070,5071,5073,5076,5078,5080,5083,5086,5088,5090,5093],{"class":1052,"line":1693},[1050,5072,4970],{"class":1613},[1050,5074,5075],{"class":4973},"timestamp",[1050,5077,1900],{"class":1613},[1050,5079,1151],{"class":1063},[1050,5081,5082],{"class":2113}," new",[1050,5084,5085],{"class":2300}," Date",[1050,5087,4449],{"class":4495},[1050,5089,2041],{"class":1063},[1050,5091,5092],{"class":2300},"toISOString",[1050,5094,2371],{"class":4495},[1050,5096,5097,5100],{"class":1052,"line":1698},[1050,5098,5099],{"class":1063},"                }",[1050,5101,2095],{"class":4495},[1050,5103,5104,5106,5108],{"class":1052,"line":1704},[1050,5105,4567],{"class":1063},[1050,5107,3413],{"class":4495},[1050,5109,1158],{"class":1063},[1050,5111,5112],{"class":1052,"line":1713},[1050,5113,4092],{"class":2044},[1050,5115,5116,5118,5120],{"class":1052,"line":3594},[1050,5117,3432],{"class":2109},[1050,5119,4832],{"class":4767},[1050,5121,1158],{"class":1063},[1050,5123,5124],{"class":1052,"line":3607},[1050,5125,1250],{"class":1063},[1050,5127,5128],{"class":1052,"line":3612},[1050,5129,1256],{"class":2044},[1050,5131,5132,5134,5136],{"class":1052,"line":3618},[1050,5133,2170],{"class":2109},[1050,5135,4768],{"class":4767},[1050,5137,1158],{"class":1063},[1050,5139,5140],{"class":1052,"line":3629},[1050,5141,4734],{"class":1063},[1050,5143,5144],{"class":1052,"line":3634},[1050,5145,1590],{"class":2044},[1050,5147,5148],{"class":1052,"line":3640},[1050,5149,5150],{"class":1056},"    // Run protection on page load\n",[1050,5152,5153,5155,5157,5160,5162,5165,5168,5170,5173,5175,5177],{"class":1052,"line":3646},[1050,5154,2329],{"class":2109},[1050,5156,3707],{"class":4495},[1050,5158,5159],{"class":4498},"document",[1050,5161,2041],{"class":1063},[1050,5163,5164],{"class":4498},"readyState",[1050,5166,5167],{"class":2113}," 
===",[1050,5169,1932],{"class":1613},[1050,5171,5172],{"class":1617},"loading",[1050,5174,1900],{"class":1613},[1050,5176,3413],{"class":4495},[1050,5178,1141],{"class":1063},[1050,5180,5181,5184,5186,5189,5191,5193,5196,5198,5200,5202,5204],{"class":1052,"line":3651},[1050,5182,5183],{"class":4498},"        document",[1050,5185,2041],{"class":1063},[1050,5187,5188],{"class":2300},"addEventListener",[1050,5190,2019],{"class":4495},[1050,5192,1900],{"class":1613},[1050,5194,5195],{"class":1617},"DOMContentLoaded",[1050,5197,1900],{"class":1613},[1050,5199,2026],{"class":1063},[1050,5201,4479],{"class":4498},[1050,5203,3413],{"class":4495},[1050,5205,1158],{"class":1063},[1050,5207,5208,5211,5214],{"class":1052,"line":3657},[1050,5209,5210],{"class":1063},"    }",[1050,5212,5213],{"class":2109}," else",[1050,5215,1141],{"class":1063},[1050,5217,5218,5221,5223],{"class":1052,"line":3666},[1050,5219,5220],{"class":2300},"        preventClickjacking",[1050,5222,4449],{"class":4495},[1050,5224,1158],{"class":1063},[1050,5226,5227],{"class":1052,"line":3678},[1050,5228,4734],{"class":1063},[1050,5230,5231],{"class":1052,"line":3683},[1050,5232,1590],{"class":2044},[1050,5234,5235],{"class":1052,"line":3688},[1050,5236,5237],{"class":1056},"    // Continuous monitoring\n",[1050,5239,5240,5243,5245,5247,5249],{"class":1052,"line":3693},[1050,5241,5242],{"class":2300},"    setInterval",[1050,5244,2019],{"class":4495},[1050,5246,4446],{"class":1982},[1050,5248,4449],{"class":1063},[1050,5250,1141],{"class":1063},[1050,5252,5253,5255,5257,5260,5263],{"class":1052,"line":3699},[1050,5254,2110],{"class":2109},[1050,5256,3707],{"class":4495},[1050,5258,5259],{"class":2300},"detectFraming",[1050,5261,5262],{"class":4495},"())",[1050,5264,1141],{"class":1063},[1050,5266,5267,5270,5272],{"class":1052,"line":3722},[1050,5268,5269],{"class":2300},"            
preventClickjacking",[1050,5271,4449],{"class":4495},[1050,5273,1158],{"class":1063},[1050,5275,5276],{"class":1052,"line":3728},[1050,5277,1250],{"class":1063},[1050,5279,5281,5284,5286,5288],{"class":1052,"line":5280},74,[1050,5282,5283],{"class":1063},"    },",[1050,5285,1226],{"class":1169},[1050,5287,3413],{"class":4495},[1050,5289,1158],{"class":1063},[1050,5291,5293],{"class":1052,"line":5292},75,[1050,5294,1590],{"class":2044},[1050,5296,5298],{"class":1052,"line":5297},76,[1050,5299,5300],{"class":1056},"    // Helper function to get CSRF token\n",[1050,5302,5304,5306,5308,5310],{"class":1052,"line":5303},77,[1050,5305,4476],{"class":1982},[1050,5307,5001],{"class":2300},[1050,5309,4449],{"class":1063},[1050,5311,1141],{"class":1063},[1050,5313,5315,5317,5320,5322,5324,5326,5329,5331,5334,5336,5338,5340,5342,5344],{"class":1052,"line":5314},78,[1050,5316,4759],{"class":1982},[1050,5318,5319],{"class":4498}," cookies",[1050,5321,1886],{"class":1063},[1050,5323,4636],{"class":4498},[1050,5325,2041],{"class":1063},[1050,5327,5328],{"class":4498},"cookie",[1050,5330,2041],{"class":1063},[1050,5332,5333],{"class":2300},"split",[1050,5335,2019],{"class":4495},[1050,5337,1900],{"class":1613},[1050,5339,1241],{"class":1617},[1050,5341,1900],{"class":1613},[1050,5343,3413],{"class":4495},[1050,5345,1158],{"class":1063},[1050,5347,5349,5352,5354,5357,5360,5362,5364,5366,5368,5371,5373,5375,5379,5381,5383,5386,5388],{"class":1052,"line":5348},79,[1050,5350,5351],{"class":2109},"        for",[1050,5353,3707],{"class":4495},[1050,5355,5356],{"class":1982},"var",[1050,5358,5359],{"class":4498}," i",[1050,5361,1886],{"class":1063},[1050,5363,1170],{"class":1169},[1050,5365,1241],{"class":1063},[1050,5367,5359],{"class":4498},[1050,5369,5370],{"class":1063}," 
\u003C",[1050,5372,5319],{"class":4498},[1050,5374,2041],{"class":1063},[1050,5376,5378],{"class":5377},"s131V","length",[1050,5380,1241],{"class":1063},[1050,5382,5359],{"class":4498},[1050,5384,5385],{"class":2113},"++",[1050,5387,3413],{"class":4495},[1050,5389,1141],{"class":1063},[1050,5391,5393,5396,5399,5401,5403,5405,5408,5410,5412,5415,5417],{"class":1052,"line":5392},80,[1050,5394,5395],{"class":1982},"            var",[1050,5397,5398],{"class":4498}," cookie",[1050,5400,1886],{"class":1063},[1050,5402,5319],{"class":4498},[1050,5404,2141],{"class":4495},[1050,5406,5407],{"class":4498},"i",[1050,5409,2150],{"class":4495},[1050,5411,2041],{"class":1063},[1050,5413,5414],{"class":2300},"trim",[1050,5416,4449],{"class":4495},[1050,5418,1158],{"class":1063},[1050,5420,5422,5424,5426,5428,5430,5433,5435,5437,5440,5442,5444,5446,5448,5450],{"class":1052,"line":5421},81,[1050,5423,4175],{"class":2109},[1050,5425,3707],{"class":4495},[1050,5427,5328],{"class":4498},[1050,5429,2041],{"class":1063},[1050,5431,5432],{"class":2300},"indexOf",[1050,5434,2019],{"class":4495},[1050,5436,1900],{"class":1613},[1050,5438,5439],{"class":1617},"csrftoken=",[1050,5441,1900],{"class":1613},[1050,5443,3413],{"class":4495},[1050,5445,5167],{"class":2113},[1050,5447,1170],{"class":1169},[1050,5449,3413],{"class":4495},[1050,5451,1141],{"class":1063},[1050,5453,5455,5458,5460,5462,5465,5467,5469,5471,5473,5475,5477,5479],{"class":1052,"line":5454},82,[1050,5456,5457],{"class":2109},"                
return",[1050,5459,5398],{"class":4498},[1050,5461,2041],{"class":1063},[1050,5463,5464],{"class":2300},"substring",[1050,5466,2019],{"class":4495},[1050,5468,1900],{"class":1613},[1050,5470,5439],{"class":1617},[1050,5472,1900],{"class":1613},[1050,5474,2041],{"class":1063},[1050,5476,5378],{"class":5377},[1050,5478,3413],{"class":4495},[1050,5480,1158],{"class":1063},[1050,5482,5484],{"class":1052,"line":5483},83,[1050,5485,4725],{"class":1063},[1050,5487,5489],{"class":1052,"line":5488},84,[1050,5490,1250],{"class":1063},[1050,5492,5494,5496,5498],{"class":1052,"line":5493},85,[1050,5495,2170],{"class":2109},[1050,5497,4168],{"class":1613},[1050,5499,1158],{"class":1063},[1050,5501,5503],{"class":1052,"line":5502},86,[1050,5504,4734],{"class":1063},[1050,5506,5508,5510,5513],{"class":1052,"line":5507},87,[1050,5509,3255],{"class":1063},[1050,5511,5512],{"class":4443},")()",[1050,5514,1158],{"class":1063},[1035,5516,5518],{"id":5517},"server-side-frame-detection","Server-Side Frame Detection",[1040,5520,5522],{"className":1726,"code":5521,"language":1728,"meta":1045,"style":1045},"# views.py - Server-side clickjacking detection\nimport logging\n\nlogger = logging.getLogger('security')\n\nclass ClickjackingDetectionMixin:\n    \"\"\"Mixin to detect potential clickjacking attempts\"\"\"\n    \n    def dispatch(self, request, *args, **kwargs):\n        \"\"\"Check for framing indicators\"\"\"\n        \n        # Check for suspicious referrers\n        referrer = request.META.get('HTTP_REFERER', '')\n        if referrer and not self.is_trusted_referrer(referrer):\n            self.log_suspicious_referrer(request, referrer)\n        \n        # Check for frame-related headers\n        if self.detect_framing_attempt(request):\n            self.log_framing_attempt(request)\n        \n        return super().dispatch(request, *args, **kwargs)\n    \n    def is_trusted_referrer(self, referrer):\n        \"\"\"Check if referrer is from trusted domain\"\"\"\n        from 
urllib.parse import urlparse\n        \n        trusted_domains = [\n            request.get_host(),\n            'trusted-partner.com',\n            'widget.example.com'\n        ]\n        \n        referrer_domain = urlparse(referrer).netloc\n        return referrer_domain in trusted_domains\n    \n    def detect_framing_attempt(self, request):\n        \"\"\"Detect potential framing based on request characteristics\"\"\"\n        \n        # Check for frame-related headers\n        frame_headers = [\n            'HTTP_SEC_FETCH_DEST',\n            'HTTP_SEC_FETCH_MODE',\n            'HTTP_SEC_FETCH_SITE'\n        ]\n        \n        for header in frame_headers:\n            value = request.META.get(header, '')\n            if 'iframe' in value.lower() or 'nested-navigate' in value.lower():\n                return True\n        \n        return False\n    \n    def log_suspicious_referrer(self, request, referrer):\n        \"\"\"Log suspicious referrer\"\"\"\n        logger.warning(\n            \"Suspicious referrer detected\",\n            extra={\n                'ip_address': self.get_client_ip(request),\n                'referrer': referrer,\n                'path': request.path,\n                'user_agent': request.META.get('HTTP_USER_AGENT', ''),\n                'user': getattr(request, 'user', None),\n            }\n        )\n    \n    def log_framing_attempt(self, request):\n        \"\"\"Log potential framing attempt\"\"\"\n        logger.warning(\n            \"Potential clickjacking attempt detected\",\n            extra={\n                'ip_address': self.get_client_ip(request),\n                'path': request.path,\n                'user_agent': request.META.get('HTTP_USER_AGENT', ''),\n                'headers': dict(request.META),\n                'user': getattr(request, 'user', None),\n            }\n        )\n\n# Usage in views\nclass SensitiveActionView(ClickjackingDetectionMixin, FormView):\n    \"\"\"Sensitive view with 
clickjacking detection\"\"\"\n    template_name = 'sensitive_action.html'\n    form_class = SensitiveActionForm\n    \n    @method_decorator(xframe_options_deny)\n    def dispatch(self, request, *args, **kwargs):\n        return super().dispatch(request, *args, **kwargs)\n",[1047,5523,5524,5529,5536,5540,5566,5570,5579,5588,5592,5621,5630,5634,5639,5672,5697,5718,5722,5727,5744,5759,5763,5791,5795,5812,5821,5839,5843,5852,5865,5876,5885,5889,5893,5913,5925,5929,5946,5955,5959,5963,5972,5983,5994,6003,6007,6011,6025,6053,6097,6105,6109,6116,6120,6141,6150,6162,6173,6181,6207,6221,6239,6274,6306,6310,6315,6319,6336,6345,6355,6365,6371,6393,6411,6445,6469,6499,6503,6507,6511,6516,6535,6544,6557,6565,6569,6582,6610],{"__ignoreMap":1045},[1050,5525,5526],{"class":1052,"line":1053},[1050,5527,5528],{"class":1056},"# views.py - Server-side clickjacking detection\n",[1050,5530,5531,5533],{"class":1052,"line":1060},[1050,5532,2262],{"class":2109},[1050,5534,5535],{"class":1110}," logging\n",[1050,5537,5538],{"class":1052,"line":1078},[1050,5539,1741],{"emptyLinePlaceholder":1740},[1050,5541,5542,5545,5547,5550,5552,5555,5557,5559,5562,5564],{"class":1052,"line":1088},[1050,5543,5544],{"class":1110},"logger ",[1050,5546,1610],{"class":1063},[1050,5548,5549],{"class":1110}," logging",[1050,5551,2041],{"class":1063},[1050,5553,5554],{"class":2087},"getLogger",[1050,5556,2019],{"class":1063},[1050,5558,1900],{"class":1613},[1050,5560,5561],{"class":1617},"security",[1050,5563,1900],{"class":1613},[1050,5565,2095],{"class":1063},[1050,5567,5568],{"class":1052,"line":1098},[1050,5569,1741],{"emptyLinePlaceholder":1740},[1050,5571,5572,5574,5577],{"class":1052,"line":1121},[1050,5573,1983],{"class":1982},[1050,5575,5576],{"class":1986}," ClickjackingDetectionMixin",[1050,5578,1990],{"class":1063},[1050,5580,5581,5583,5586],{"class":1052,"line":1131},[1050,5582,1996],{"class":1995},[1050,5584,5585],{"class":1999},"Mixin to detect potential clickjacking 
attempts",[1050,5587,2003],{"class":1995},[1050,5589,5590],{"class":1052,"line":1144},[1050,5591,1590],{"class":1110},[1050,5593,5594,5596,5599,5601,5603,5605,5607,5609,5611,5613,5615,5617,5619],{"class":1052,"line":1161},[1050,5595,2012],{"class":1982},[1050,5597,5598],{"class":2300}," dispatch",[1050,5600,2019],{"class":1063},[1050,5602,2023],{"class":2022},[1050,5604,2026],{"class":1063},[1050,5606,2070],{"class":2029},[1050,5608,2026],{"class":1063},[1050,5610,4048],{"class":2113},[1050,5612,4051],{"class":2029},[1050,5614,2026],{"class":1063},[1050,5616,2868],{"class":2113},[1050,5618,2871],{"class":2029},[1050,5620,2033],{"class":1063},[1050,5622,5623,5625,5628],{"class":1052,"line":1175},[1050,5624,3125],{"class":1995},[1050,5626,5627],{"class":1999},"Check for framing indicators",[1050,5629,2003],{"class":1995},[1050,5631,5632],{"class":1052,"line":1187},[1050,5633,1256],{"class":1110},[1050,5635,5636],{"class":1052,"line":1204},[1050,5637,5638],{"class":1056},"        # Check for suspicious referrers\n",[1050,5640,5641,5644,5646,5648,5650,5653,5655,5657,5659,5661,5664,5666,5668,5670],{"class":1052,"line":1218},[1050,5642,5643],{"class":1110},"        referrer ",[1050,5645,1610],{"class":1063},[1050,5647,2070],{"class":1110},[1050,5649,2041],{"class":1063},[1050,5651,5652],{"class":2160},"META",[1050,5654,2041],{"class":1063},[1050,5656,2122],{"class":2087},[1050,5658,2019],{"class":1063},[1050,5660,1900],{"class":1613},[1050,5662,5663],{"class":1617},"HTTP_REFERER",[1050,5665,1900],{"class":1613},[1050,5667,2026],{"class":1063},[1050,5669,4168],{"class":1613},[1050,5671,2095],{"class":1063},[1050,5673,5674,5676,5679,5682,5684,5686,5688,5691,5693,5695],{"class":1052,"line":1231},[1050,5675,2110],{"class":2109},[1050,5677,5678],{"class":1110}," referrer 
",[1050,5680,5681],{"class":2113},"and",[1050,5683,2114],{"class":2113},[1050,5685,2082],{"class":1154},[1050,5687,2041],{"class":1063},[1050,5689,5690],{"class":2087},"is_trusted_referrer",[1050,5692,2019],{"class":1063},[1050,5694,5035],{"class":2087},[1050,5696,2033],{"class":1063},[1050,5698,5699,5702,5704,5707,5709,5711,5713,5716],{"class":1052,"line":1247},[1050,5700,5701],{"class":1154},"            self",[1050,5703,2041],{"class":1063},[1050,5705,5706],{"class":2087},"log_suspicious_referrer",[1050,5708,2019],{"class":1063},[1050,5710,2092],{"class":2087},[1050,5712,2026],{"class":1063},[1050,5714,5715],{"class":2087}," referrer",[1050,5717,2095],{"class":1063},[1050,5719,5720],{"class":1052,"line":1253},[1050,5721,1256],{"class":1110},[1050,5723,5724],{"class":1052,"line":1259},[1050,5725,5726],{"class":1056},"        # Check for frame-related headers\n",[1050,5728,5729,5731,5733,5735,5738,5740,5742],{"class":1052,"line":1269},[1050,5730,2110],{"class":2109},[1050,5732,2082],{"class":1154},[1050,5734,2041],{"class":1063},[1050,5736,5737],{"class":2087},"detect_framing_attempt",[1050,5739,2019],{"class":1063},[1050,5741,2092],{"class":2087},[1050,5743,2033],{"class":1063},[1050,5745,5746,5748,5750,5753,5755,5757],{"class":1052,"line":1280},[1050,5747,5701],{"class":1154},[1050,5749,2041],{"class":1063},[1050,5751,5752],{"class":2087},"log_framing_attempt",[1050,5754,2019],{"class":1063},[1050,5756,2092],{"class":2087},[1050,5758,2095],{"class":1063},[1050,5760,5761],{"class":1052,"line":1295},[1050,5762,1256],{"class":1110},[1050,5764,5765,5767,5769,5771,5773,5775,5777,5779,5781,5783,5785,5787,5789],{"class":1052,"line":1309},[1050,5766,2170],{"class":2109},[1050,5768,2770],{"class":2769},[1050,5770,2773],{"class":1063},[1050,5772,2658],{"class":2087},[1050,5774,2019],{"class":1063},[1050,5776,2092],{"class":2087},[1050,5778,2026],{"class":1063},[1050,5780,4048],{"class":2113},[1050,5782,4051],{"class":2087},[1050,5784,2026],{"class":1063},[1050,5786,2868],{
"class":2113},[1050,5788,2871],{"class":2087},[1050,5790,2095],{"class":1063},[1050,5792,5793],{"class":1052,"line":1322},[1050,5794,1590],{"class":1110},[1050,5796,5797,5799,5802,5804,5806,5808,5810],{"class":1052,"line":1336},[1050,5798,2012],{"class":1982},[1050,5800,5801],{"class":2300}," is_trusted_referrer",[1050,5803,2019],{"class":1063},[1050,5805,2023],{"class":2022},[1050,5807,2026],{"class":1063},[1050,5809,5715],{"class":2029},[1050,5811,2033],{"class":1063},[1050,5813,5814,5816,5819],{"class":1052,"line":1349},[1050,5815,3125],{"class":1995},[1050,5817,5818],{"class":1999},"Check if referrer is from trusted domain",[1050,5820,2003],{"class":1995},[1050,5822,5823,5826,5829,5831,5834,5836],{"class":1052,"line":1362},[1050,5824,5825],{"class":2109},"        from",[1050,5827,5828],{"class":1110}," urllib",[1050,5830,2041],{"class":1063},[1050,5832,5833],{"class":1110},"parse ",[1050,5835,2262],{"class":2109},[1050,5837,5838],{"class":1110}," urlparse\n",[1050,5840,5841],{"class":1052,"line":1375},[1050,5842,1256],{"class":1110},[1050,5844,5845,5848,5850],{"class":1052,"line":1389},[1050,5846,5847],{"class":1110},"        trusted_domains ",[1050,5849,1610],{"class":1063},[1050,5851,1889],{"class":1063},[1050,5853,5854,5857,5859,5862],{"class":1052,"line":1402},[1050,5855,5856],{"class":1110},"            
request",[1050,5858,2041],{"class":1063},[1050,5860,5861],{"class":2087},"get_host",[1050,5863,5864],{"class":1063},"(),\n",[1050,5866,5867,5869,5872,5874],{"class":1052,"line":1407},[1050,5868,3339],{"class":1613},[1050,5870,5871],{"class":1617},"trusted-partner.com",[1050,5873,1900],{"class":1613},[1050,5875,1903],{"class":1063},[1050,5877,5878,5880,5883],{"class":1052,"line":1412},[1050,5879,3339],{"class":1613},[1050,5881,5882],{"class":1617},"widget.example.com",[1050,5884,2701],{"class":1613},[1050,5886,5887],{"class":1052,"line":1422},[1050,5888,3198],{"class":1063},[1050,5890,5891],{"class":1052,"line":1433},[1050,5892,1256],{"class":1110},[1050,5894,5895,5898,5900,5903,5905,5907,5910],{"class":1052,"line":1450},[1050,5896,5897],{"class":1110},"        referrer_domain ",[1050,5899,1610],{"class":1063},[1050,5901,5902],{"class":2087}," urlparse",[1050,5904,2019],{"class":1063},[1050,5906,5035],{"class":2087},[1050,5908,5909],{"class":1063},").",[1050,5911,5912],{"class":2044},"netloc\n",[1050,5914,5915,5917,5920,5922],{"class":1052,"line":1464},[1050,5916,2170],{"class":2109},[1050,5918,5919],{"class":1110}," referrer_domain ",[1050,5921,3422],{"class":2113},[1050,5923,5924],{"class":1110}," trusted_domains\n",[1050,5926,5927],{"class":1052,"line":1477},[1050,5928,1590],{"class":1110},[1050,5930,5931,5933,5936,5938,5940,5942,5944],{"class":1052,"line":1490},[1050,5932,2012],{"class":1982},[1050,5934,5935],{"class":2300}," detect_framing_attempt",[1050,5937,2019],{"class":1063},[1050,5939,2023],{"class":2022},[1050,5941,2026],{"class":1063},[1050,5943,2070],{"class":2029},[1050,5945,2033],{"class":1063},[1050,5947,5948,5950,5953],{"class":1052,"line":1505},[1050,5949,3125],{"class":1995},[1050,5951,5952],{"class":1999},"Detect potential framing based on request 
characteristics",[1050,5954,2003],{"class":1995},[1050,5956,5957],{"class":1052,"line":1517},[1050,5958,1256],{"class":1110},[1050,5960,5961],{"class":1052,"line":1522},[1050,5962,5726],{"class":1056},[1050,5964,5965,5968,5970],{"class":1052,"line":1532},[1050,5966,5967],{"class":1110},"        frame_headers ",[1050,5969,1610],{"class":1063},[1050,5971,1889],{"class":1063},[1050,5973,5974,5976,5979,5981],{"class":1052,"line":1541},[1050,5975,3339],{"class":1613},[1050,5977,5978],{"class":1617},"HTTP_SEC_FETCH_DEST",[1050,5980,1900],{"class":1613},[1050,5982,1903],{"class":1063},[1050,5984,5985,5987,5990,5992],{"class":1052,"line":1551},[1050,5986,3339],{"class":1613},[1050,5988,5989],{"class":1617},"HTTP_SEC_FETCH_MODE",[1050,5991,1900],{"class":1613},[1050,5993,1903],{"class":1063},[1050,5995,5996,5998,6001],{"class":1052,"line":1569},[1050,5997,3339],{"class":1613},[1050,5999,6000],{"class":1617},"HTTP_SEC_FETCH_SITE",[1050,6002,2701],{"class":1613},[1050,6004,6005],{"class":1052,"line":1587},[1050,6006,3198],{"class":1063},[1050,6008,6009],{"class":1052,"line":1593},[1050,6010,1256],{"class":1110},[1050,6012,6013,6015,6018,6020,6023],{"class":1052,"line":1599},[1050,6014,5351],{"class":2109},[1050,6016,6017],{"class":1110}," header ",[1050,6019,3422],{"class":2109},[1050,6021,6022],{"class":1110}," frame_headers",[1050,6024,1990],{"class":1063},[1050,6026,6027,6030,6032,6034,6036,6038,6040,6042,6044,6047,6049,6051],{"class":1052,"line":1633},[1050,6028,6029],{"class":1110},"            value 
",[1050,6031,1610],{"class":1063},[1050,6033,2070],{"class":1110},[1050,6035,2041],{"class":1063},[1050,6037,5652],{"class":2160},[1050,6039,2041],{"class":1063},[1050,6041,2122],{"class":2087},[1050,6043,2019],{"class":1063},[1050,6045,6046],{"class":2087},"header",[1050,6048,2026],{"class":1063},[1050,6050,4168],{"class":1613},[1050,6052,2095],{"class":1063},[1050,6054,6055,6057,6059,6061,6063,6066,6069,6071,6074,6076,6079,6081,6084,6086,6088,6090,6092,6094],{"class":1052,"line":1638},[1050,6056,4175],{"class":2109},[1050,6058,1932],{"class":1613},[1050,6060,1649],{"class":1617},[1050,6062,1900],{"class":1613},[1050,6064,6065],{"class":2113}," in",[1050,6067,6068],{"class":1110}," value",[1050,6070,2041],{"class":1063},[1050,6072,6073],{"class":2087},"lower",[1050,6075,4449],{"class":1063},[1050,6077,6078],{"class":2113}," or",[1050,6080,1932],{"class":1613},[1050,6082,6083],{"class":1617},"nested-navigate",[1050,6085,1900],{"class":1613},[1050,6087,6065],{"class":2113},[1050,6089,6068],{"class":1110},[1050,6091,2041],{"class":1063},[1050,6093,6073],{"class":2087},[1050,6095,6096],{"class":1063},"():\n",[1050,6098,6099,6101],{"class":1052,"line":1644},[1050,6100,5457],{"class":2109},[1050,6102,6104],{"class":6103},"s8XtY"," True\n",[1050,6106,6107],{"class":1052,"line":1668},[1050,6108,1256],{"class":1110},[1050,6110,6111,6113],{"class":1052,"line":1684},[1050,6112,2170],{"class":2109},[1050,6114,6115],{"class":6103}," False\n",[1050,6117,6118],{"class":1052,"line":1693},[1050,6119,1590],{"class":1110},[1050,6121,6122,6124,6127,6129,6131,6133,6135,6137,6139],{"class":1052,"line":1698},[1050,6123,2012],{"class":1982},[1050,6125,6126],{"class":2300}," 
log_suspicious_referrer",[1050,6128,2019],{"class":1063},[1050,6130,2023],{"class":2022},[1050,6132,2026],{"class":1063},[1050,6134,2070],{"class":2029},[1050,6136,2026],{"class":1063},[1050,6138,5715],{"class":2029},[1050,6140,2033],{"class":1063},[1050,6142,6143,6145,6148],{"class":1052,"line":1704},[1050,6144,3125],{"class":1995},[1050,6146,6147],{"class":1999},"Log suspicious referrer",[1050,6149,2003],{"class":1995},[1050,6151,6152,6155,6157,6159],{"class":1052,"line":1713},[1050,6153,6154],{"class":1110},"        logger",[1050,6156,2041],{"class":1063},[1050,6158,4716],{"class":2087},[1050,6160,6161],{"class":1063},"(\n",[1050,6163,6164,6166,6169,6171],{"class":1052,"line":3594},[1050,6165,3153],{"class":1613},[1050,6167,6168],{"class":1617},"Suspicious referrer detected",[1050,6170,1614],{"class":1613},[1050,6172,1903],{"class":1063},[1050,6174,6175,6178],{"class":1052,"line":3607},[1050,6176,6177],{"class":2650},"            extra",[1050,6179,6180],{"class":1063},"={\n",[1050,6182,6183,6186,6189,6191,6193,6195,6197,6200,6202,6204],{"class":1052,"line":3612},[1050,6184,6185],{"class":1613},"                
'",[1050,6187,6188],{"class":1617},"ip_address",[1050,6190,1900],{"class":1613},[1050,6192,1151],{"class":1063},[1050,6194,2082],{"class":1154},[1050,6196,2041],{"class":1063},[1050,6198,6199],{"class":2087},"get_client_ip",[1050,6201,2019],{"class":1063},[1050,6203,2092],{"class":2087},[1050,6205,6206],{"class":1063},"),\n",[1050,6208,6209,6211,6213,6215,6217,6219],{"class":1052,"line":3618},[1050,6210,6185],{"class":1613},[1050,6212,5035],{"class":1617},[1050,6214,1900],{"class":1613},[1050,6216,1151],{"class":1063},[1050,6218,5715],{"class":2087},[1050,6220,1903],{"class":1063},[1050,6222,6223,6225,6227,6229,6231,6233,6235,6237],{"class":1052,"line":3629},[1050,6224,6185],{"class":1613},[1050,6226,3401],{"class":1617},[1050,6228,1900],{"class":1613},[1050,6230,1151],{"class":1063},[1050,6232,2070],{"class":2087},[1050,6234,2041],{"class":1063},[1050,6236,3401],{"class":2044},[1050,6238,1903],{"class":1063},[1050,6240,6241,6243,6245,6247,6249,6251,6253,6255,6257,6259,6261,6263,6266,6268,6270,6272],{"class":1052,"line":3634},[1050,6242,6185],{"class":1613},[1050,6244,5054],{"class":1617},[1050,6246,1900],{"class":1613},[1050,6248,1151],{"class":1063},[1050,6250,2070],{"class":2087},[1050,6252,2041],{"class":1063},[1050,6254,5652],{"class":2160},[1050,6256,2041],{"class":1063},[1050,6258,2122],{"class":2087},[1050,6260,2019],{"class":1063},[1050,6262,1900],{"class":1613},[1050,6264,6265],{"class":1617},"HTTP_USER_AGENT",[1050,6267,1900],{"class":1613},[1050,6269,2026],{"class":1063},[1050,6271,4168],{"class":1613},[1050,6273,6206],{"class":1063},[1050,6275,6276,6278,6280,6282,6284,6287,6289,6291,6293,6295,6297,6299,6301,6304],{"class":1052,"line":3640},[1050,6277,6185],{"class":1613},[1050,6279,2363],{"class":1617},[1050,6281,1900],{"class":1613},[1050,6283,1151],{"class":1063},[1050,6285,6286],{"class":2015}," 
getattr",[1050,6288,2019],{"class":1063},[1050,6290,2092],{"class":2087},[1050,6292,2026],{"class":1063},[1050,6294,1932],{"class":1613},[1050,6296,2363],{"class":1617},[1050,6298,1900],{"class":1613},[1050,6300,2026],{"class":1063},[1050,6302,6303],{"class":6103}," None",[1050,6305,6206],{"class":1063},[1050,6307,6308],{"class":1052,"line":3646},[1050,6309,4725],{"class":1063},[1050,6311,6312],{"class":1052,"line":3651},[1050,6313,6314],{"class":1063},"        )\n",[1050,6316,6317],{"class":1052,"line":3657},[1050,6318,1590],{"class":1110},[1050,6320,6321,6323,6326,6328,6330,6332,6334],{"class":1052,"line":3666},[1050,6322,2012],{"class":1982},[1050,6324,6325],{"class":2300}," log_framing_attempt",[1050,6327,2019],{"class":1063},[1050,6329,2023],{"class":2022},[1050,6331,2026],{"class":1063},[1050,6333,2070],{"class":2029},[1050,6335,2033],{"class":1063},[1050,6337,6338,6340,6343],{"class":1052,"line":3678},[1050,6339,3125],{"class":1995},[1050,6341,6342],{"class":1999},"Log potential framing 
attempt",[1050,6344,2003],{"class":1995},[1050,6346,6347,6349,6351,6353],{"class":1052,"line":3683},[1050,6348,6154],{"class":1110},[1050,6350,2041],{"class":1063},[1050,6352,4716],{"class":2087},[1050,6354,6161],{"class":1063},[1050,6356,6357,6359,6361,6363],{"class":1052,"line":3688},[1050,6358,3153],{"class":1613},[1050,6360,4903],{"class":1617},[1050,6362,1614],{"class":1613},[1050,6364,1903],{"class":1063},[1050,6366,6367,6369],{"class":1052,"line":3693},[1050,6368,6177],{"class":2650},[1050,6370,6180],{"class":1063},[1050,6372,6373,6375,6377,6379,6381,6383,6385,6387,6389,6391],{"class":1052,"line":3699},[1050,6374,6185],{"class":1613},[1050,6376,6188],{"class":1617},[1050,6378,1900],{"class":1613},[1050,6380,1151],{"class":1063},[1050,6382,2082],{"class":1154},[1050,6384,2041],{"class":1063},[1050,6386,6199],{"class":2087},[1050,6388,2019],{"class":1063},[1050,6390,2092],{"class":2087},[1050,6392,6206],{"class":1063},[1050,6394,6395,6397,6399,6401,6403,6405,6407,6409],{"class":1052,"line":3722},[1050,6396,6185],{"class":1613},[1050,6398,3401],{"class":1617},[1050,6400,1900],{"class":1613},[1050,6402,1151],{"class":1063},[1050,6404,2070],{"class":2087},[1050,6406,2041],{"class":1063},[1050,6408,3401],{"class":2044},[1050,6410,1903],{"class":1063},[1050,6412,6413,6415,6417,6419,6421,6423,6425,6427,6429,6431,6433,6435,6437,6439,6441,6443],{"class":1052,"line":3728},[1050,6414,6185],{"class":1613},[1050,6416,5054],{"class":1617},[1050,6418,1900],{"class":1613},[1050,6420,1151],{"class":1063},[1050,6422,2070],{"class":2087},[1050,6424,2041],{"class":1063},[1050,6426,5652],{"class":2160},[1050,6428,2041],{"class":1063},[1050,6430,2122],{"class":2087},[1050,6432,2019],{"class":1063},[1050,6434,1900],{"class":1613},[1050,6436,6265],{"class":1617},[1050,6438,1900],{"class":1613},[1050,6440,2026],{"class":1063},[1050,6442,4168],{"class":1613},[1050,6444,6206],{"class":1063},[1050,6446,6447,6449,6452,6454,6456,6459,6461,6463,6465,6467],{"class":1052,"line":5280},[1050,64
48,6185],{"class":1613},[1050,6450,6451],{"class":1617},"headers",[1050,6453,1900],{"class":1613},[1050,6455,1151],{"class":1063},[1050,6457,6458],{"class":2769}," dict",[1050,6460,2019],{"class":1063},[1050,6462,2092],{"class":2087},[1050,6464,2041],{"class":1063},[1050,6466,5652],{"class":2160},[1050,6468,6206],{"class":1063},[1050,6470,6471,6473,6475,6477,6479,6481,6483,6485,6487,6489,6491,6493,6495,6497],{"class":1052,"line":5292},[1050,6472,6185],{"class":1613},[1050,6474,2363],{"class":1617},[1050,6476,1900],{"class":1613},[1050,6478,1151],{"class":1063},[1050,6480,6286],{"class":2015},[1050,6482,2019],{"class":1063},[1050,6484,2092],{"class":2087},[1050,6486,2026],{"class":1063},[1050,6488,1932],{"class":1613},[1050,6490,2363],{"class":1617},[1050,6492,1900],{"class":1613},[1050,6494,2026],{"class":1063},[1050,6496,6303],{"class":6103},[1050,6498,6206],{"class":1063},[1050,6500,6501],{"class":1052,"line":5297},[1050,6502,4725],{"class":1063},[1050,6504,6505],{"class":1052,"line":5303},[1050,6506,6314],{"class":1063},[1050,6508,6509],{"class":1052,"line":5314},[1050,6510,1741],{"emptyLinePlaceholder":1740},[1050,6512,6513],{"class":1052,"line":5348},[1050,6514,6515],{"class":1056},"# Usage in views\n",[1050,6517,6518,6520,6523,6525,6528,6530,6533],{"class":1052,"line":5392},[1050,6519,1983],{"class":1982},[1050,6521,6522],{"class":1986}," SensitiveActionView",[1050,6524,2019],{"class":1063},[1050,6526,6527],{"class":2674},"ClickjackingDetectionMixin",[1050,6529,2026],{"class":1063},[1050,6531,6532],{"class":2674}," FormView",[1050,6534,2033],{"class":1063},[1050,6536,6537,6539,6542],{"class":1052,"line":5421},[1050,6538,1996],{"class":1995},[1050,6540,6541],{"class":1999},"Sensitive view with clickjacking 
detection",[1050,6543,2003],{"class":1995},[1050,6545,6546,6548,6550,6552,6555],{"class":1052,"line":5454},[1050,6547,2691],{"class":1110},[1050,6549,1610],{"class":1063},[1050,6551,1932],{"class":1613},[1050,6553,6554],{"class":1617},"sensitive_action.html",[1050,6556,2701],{"class":1613},[1050,6558,6559,6561,6563],{"class":1052,"line":5483},[1050,6560,2706],{"class":1110},[1050,6562,1610],{"class":1063},[1050,6564,2711],{"class":1110},[1050,6566,6567],{"class":1052,"line":5488},[1050,6568,1590],{"class":1110},[1050,6570,6571,6574,6576,6578,6580],{"class":1052,"line":5493},[1050,6572,6573],{"class":1063},"    @",[1050,6575,2640],{"class":2300},[1050,6577,2019],{"class":1063},[1050,6579,2645],{"class":2087},[1050,6581,2095],{"class":1063},[1050,6583,6584,6586,6588,6590,6592,6594,6596,6598,6600,6602,6604,6606,6608],{"class":1052,"line":5502},[1050,6585,2012],{"class":1982},[1050,6587,5598],{"class":2300},[1050,6589,2019],{"class":1063},[1050,6591,2023],{"class":2022},[1050,6593,2026],{"class":1063},[1050,6595,2070],{"class":2029},[1050,6597,2026],{"class":1063},[1050,6599,4048],{"class":2113},[1050,6601,4051],{"class":2029},[1050,6603,2026],{"class":1063},[1050,6605,2868],{"class":2113},[1050,6607,2871],{"class":2029},[1050,6609,2033],{"class":1063},[1050,6611,6612,6614,6616,6618,6620,6622,6624,6626,6628,6630,6632,6634,6636],{"class":1052,"line":5507},[1050,6613,2170],{"class":2109},[1050,6615,2770],{"class":2769},[1050,6617,2773],{"class":1063},[1050,6619,2658],{"class":2087},[1050,6621,2019],{"class":1063},[1050,6623,2092],{"class":2087},[1050,6625,2026],{"class":1063},[1050,6627,4048],{"class":2113},[1050,6629,4051],{"class":2087},[1050,6631,2026],{"class":1063},[1050,6633,2868],{"class":2113},[1050,6635,2871],{"class":2087},[1050,6637,2095],{"class":1063},[1030,6639,6641],{"id":6640},"secure-iframe-implementation","Secure Iframe Implementation",[1035,6643,6645],{"id":6644},"when-framing-is-necessary","When Framing is 
Necessary",[1040,6647,6649],{"className":1726,"code":6648,"language":1728,"meta":1045,"style":1045},"# views.py - Secure iframe implementation\nfrom django.views.decorators.clickjacking import xframe_options_sameorigin\n\n@xframe_options_sameorigin\ndef secure_widget_view(request):\n    \"\"\"Secure widget that can be embedded safely\"\"\"\n    \n    # Validate embedding context\n    referrer = request.META.get('HTTP_REFERER', '')\n    if not validate_embedding_context(request, referrer):\n        return HttpResponseForbidden(\"Embedding not allowed from this context\")\n    \n    # Generate widget with security measures\n    widget_data = {\n        'content': get_widget_content(request.user),\n        'csrf_token': get_token(request),\n        'nonce': generate_nonce(),\n    }\n    \n    response = render(request, 'secure_widget.html', widget_data)\n    \n    # Add additional security headers\n    response['X-Content-Type-Options'] = 'nosniff'\n    response['Referrer-Policy'] = 'strict-origin-when-cross-origin'\n    \n    return response\n\ndef validate_embedding_context(request, referrer):\n    \"\"\"Validate that embedding is from allowed context\"\"\"\n    \n    if not referrer:\n        return False\n    \n    from urllib.parse import urlparse\n    referrer_domain = urlparse(referrer).netloc\n    \n    # Check against whitelist\n    allowed_domains = [\n        request.get_host(),  # Same origin\n        'trusted-partner.com',\n        'widget.example.com'\n    ]\n    \n    return referrer_domain in allowed_domains\n\ndef generate_nonce():\n    \"\"\"Generate cryptographic nonce for CSP\"\"\"\n    import secrets\n    return 
secrets.token_urlsafe(16)\n",[1047,6650,6651,6656,6679,6683,6689,6702,6711,6715,6720,6751,6770,6788,6792,6797,6805,6830,6850,6866,6870,6874,6901,6905,6910,6934,6958,6962,6968,6972,6988,6997,7001,7011,7017,7021,7036,7053,7057,7062,7071,7085,7095,7103,7108,7112,7123,7127,7135,7144,7152],{"__ignoreMap":1045},[1050,6652,6653],{"class":1052,"line":1053},[1050,6654,6655],{"class":1056},"# views.py - Secure iframe implementation\n",[1050,6657,6658,6660,6662,6664,6666,6668,6670,6672,6674,6676],{"class":1052,"line":1060},[1050,6659,2241],{"class":2109},[1050,6661,2244],{"class":1110},[1050,6663,2041],{"class":1063},[1050,6665,2249],{"class":1110},[1050,6667,2041],{"class":1063},[1050,6669,2254],{"class":1110},[1050,6671,2041],{"class":1063},[1050,6673,2259],{"class":1110},[1050,6675,2262],{"class":2109},[1050,6677,6678],{"class":1110}," xframe_options_sameorigin\n",[1050,6680,6681],{"class":1052,"line":1078},[1050,6682,1741],{"emptyLinePlaceholder":1740},[1050,6684,6685,6687],{"class":1052,"line":1088},[1050,6686,2297],{"class":1063},[1050,6688,2427],{"class":2300},[1050,6690,6691,6693,6696,6698,6700],{"class":1052,"line":1098},[1050,6692,2306],{"class":1982},[1050,6694,6695],{"class":2300}," secure_widget_view",[1050,6697,2019],{"class":1063},[1050,6699,2092],{"class":2029},[1050,6701,2033],{"class":1063},[1050,6703,6704,6706,6709],{"class":1052,"line":1121},[1050,6705,1996],{"class":1995},[1050,6707,6708],{"class":1999},"Secure widget that can be embedded safely",[1050,6710,2003],{"class":1995},[1050,6712,6713],{"class":1052,"line":1131},[1050,6714,1590],{"class":1110},[1050,6716,6717],{"class":1052,"line":1144},[1050,6718,6719],{"class":1056},"    # Validate embedding context\n",[1050,6721,6722,6725,6727,6729,6731,6733,6735,6737,6739,6741,6743,6745,6747,6749],{"class":1052,"line":1161},[1050,6723,6724],{"class":1110},"    referrer 
",[1050,6726,1610],{"class":1063},[1050,6728,2070],{"class":1110},[1050,6730,2041],{"class":1063},[1050,6732,5652],{"class":2160},[1050,6734,2041],{"class":1063},[1050,6736,2122],{"class":2087},[1050,6738,2019],{"class":1063},[1050,6740,1900],{"class":1613},[1050,6742,5663],{"class":1617},[1050,6744,1900],{"class":1613},[1050,6746,2026],{"class":1063},[1050,6748,4168],{"class":1613},[1050,6750,2095],{"class":1063},[1050,6752,6753,6755,6757,6760,6762,6764,6766,6768],{"class":1052,"line":1175},[1050,6754,2329],{"class":2109},[1050,6756,2114],{"class":2113},[1050,6758,6759],{"class":2087}," validate_embedding_context",[1050,6761,2019],{"class":1063},[1050,6763,2092],{"class":2087},[1050,6765,2026],{"class":1063},[1050,6767,5715],{"class":2087},[1050,6769,2033],{"class":1063},[1050,6771,6772,6774,6777,6779,6781,6784,6786],{"class":1052,"line":1187},[1050,6773,2170],{"class":2109},[1050,6775,6776],{"class":2087}," HttpResponseForbidden",[1050,6778,2019],{"class":1063},[1050,6780,1614],{"class":1613},[1050,6782,6783],{"class":1617},"Embedding not allowed from this context",[1050,6785,1614],{"class":1613},[1050,6787,2095],{"class":1063},[1050,6789,6790],{"class":1052,"line":1204},[1050,6791,1590],{"class":1110},[1050,6793,6794],{"class":1052,"line":1218},[1050,6795,6796],{"class":1056},"    # Generate widget with security measures\n",[1050,6798,6799,6801,6803],{"class":1052,"line":1231},[1050,6800,2454],{"class":1110},[1050,6802,1610],{"class":1063},[1050,6804,1141],{"class":1063},[1050,6806,6807,6810,6813,6815,6817,6820,6822,6824,6826,6828],{"class":1052,"line":1247},[1050,6808,6809],{"class":1613},"        '",[1050,6811,6812],{"class":1617},"content",[1050,6814,1900],{"class":1613},[1050,6816,1151],{"class":1063},[1050,6818,6819],{"class":2087}," 
get_widget_content",[1050,6821,2019],{"class":1063},[1050,6823,2092],{"class":2087},[1050,6825,2041],{"class":1063},[1050,6827,2363],{"class":2044},[1050,6829,6206],{"class":1063},[1050,6831,6832,6834,6837,6839,6841,6844,6846,6848],{"class":1052,"line":1253},[1050,6833,6809],{"class":1613},[1050,6835,6836],{"class":1617},"csrf_token",[1050,6838,1900],{"class":1613},[1050,6840,1151],{"class":1063},[1050,6842,6843],{"class":2087}," get_token",[1050,6845,2019],{"class":1063},[1050,6847,2092],{"class":2087},[1050,6849,6206],{"class":1063},[1050,6851,6852,6854,6857,6859,6861,6864],{"class":1052,"line":1259},[1050,6853,6809],{"class":1613},[1050,6855,6856],{"class":1617},"nonce",[1050,6858,1900],{"class":1613},[1050,6860,1151],{"class":1063},[1050,6862,6863],{"class":2087}," generate_nonce",[1050,6865,5864],{"class":1063},[1050,6867,6868],{"class":1052,"line":1269},[1050,6869,4734],{"class":1063},[1050,6871,6872],{"class":1052,"line":1280},[1050,6873,1590],{"class":1110},[1050,6875,6876,6878,6880,6882,6884,6886,6888,6890,6893,6895,6897,6899],{"class":1052,"line":1295},[1050,6877,3921],{"class":1110},[1050,6879,1610],{"class":1063},[1050,6881,2401],{"class":2087},[1050,6883,2019],{"class":1063},[1050,6885,2092],{"class":2087},[1050,6887,2026],{"class":1063},[1050,6889,1932],{"class":1613},[1050,6891,6892],{"class":1617},"secure_widget.html",[1050,6894,1900],{"class":1613},[1050,6896,2026],{"class":1063},[1050,6898,2505],{"class":2087},[1050,6900,2095],{"class":1063},[1050,6902,6903],{"class":1052,"line":1309},[1050,6904,1590],{"class":1110},[1050,6906,6907],{"class":1052,"line":1322},[1050,6908,6909],{"class":1056},"    # Add additional security 
headers\n",[1050,6911,6912,6914,6916,6918,6921,6923,6925,6927,6929,6932],{"class":1052,"line":1336},[1050,6913,3945],{"class":1110},[1050,6915,2141],{"class":1063},[1050,6917,1900],{"class":1613},[1050,6919,6920],{"class":1617},"X-Content-Type-Options",[1050,6922,1900],{"class":1613},[1050,6924,2150],{"class":1063},[1050,6926,1886],{"class":1063},[1050,6928,1932],{"class":1613},[1050,6930,6931],{"class":1617},"nosniff",[1050,6933,2701],{"class":1613},[1050,6935,6936,6938,6940,6942,6945,6947,6949,6951,6953,6956],{"class":1052,"line":1349},[1050,6937,3945],{"class":1110},[1050,6939,2141],{"class":1063},[1050,6941,1900],{"class":1613},[1050,6943,6944],{"class":1617},"Referrer-Policy",[1050,6946,1900],{"class":1613},[1050,6948,2150],{"class":1063},[1050,6950,1886],{"class":1063},[1050,6952,1932],{"class":1613},[1050,6954,6955],{"class":1617},"strict-origin-when-cross-origin",[1050,6957,2701],{"class":1613},[1050,6959,6960],{"class":1052,"line":1362},[1050,6961,1590],{"class":1110},[1050,6963,6964,6966],{"class":1052,"line":1375},[1050,6965,2398],{"class":2109},[1050,6967,2173],{"class":1110},[1050,6969,6970],{"class":1052,"line":1389},[1050,6971,1741],{"emptyLinePlaceholder":1740},[1050,6973,6974,6976,6978,6980,6982,6984,6986],{"class":1052,"line":1402},[1050,6975,2306],{"class":1982},[1050,6977,6759],{"class":2300},[1050,6979,2019],{"class":1063},[1050,6981,2092],{"class":2029},[1050,6983,2026],{"class":1063},[1050,6985,5715],{"class":2029},[1050,6987,2033],{"class":1063},[1050,6989,6990,6992,6995],{"class":1052,"line":1407},[1050,6991,1996],{"class":1995},[1050,6993,6994],{"class":1999},"Validate that embedding is from allowed 
context",[1050,6996,2003],{"class":1995},[1050,6998,6999],{"class":1052,"line":1412},[1050,7000,1590],{"class":1110},[1050,7002,7003,7005,7007,7009],{"class":1052,"line":1422},[1050,7004,2329],{"class":2109},[1050,7006,2114],{"class":2113},[1050,7008,5715],{"class":1110},[1050,7010,1990],{"class":1063},[1050,7012,7013,7015],{"class":1052,"line":1433},[1050,7014,2170],{"class":2109},[1050,7016,6115],{"class":6103},[1050,7018,7019],{"class":1052,"line":1450},[1050,7020,1590],{"class":1110},[1050,7022,7023,7026,7028,7030,7032,7034],{"class":1052,"line":1464},[1050,7024,7025],{"class":2109},"    from",[1050,7027,5828],{"class":1110},[1050,7029,2041],{"class":1063},[1050,7031,5833],{"class":1110},[1050,7033,2262],{"class":2109},[1050,7035,5838],{"class":1110},[1050,7037,7038,7041,7043,7045,7047,7049,7051],{"class":1052,"line":1477},[1050,7039,7040],{"class":1110},"    referrer_domain ",[1050,7042,1610],{"class":1063},[1050,7044,5902],{"class":2087},[1050,7046,2019],{"class":1063},[1050,7048,5035],{"class":2087},[1050,7050,5909],{"class":1063},[1050,7052,5912],{"class":2044},[1050,7054,7055],{"class":1052,"line":1490},[1050,7056,1590],{"class":1110},[1050,7058,7059],{"class":1052,"line":1505},[1050,7060,7061],{"class":1056},"    # Check against whitelist\n",[1050,7063,7064,7067,7069],{"class":1052,"line":1517},[1050,7065,7066],{"class":1110},"    allowed_domains ",[1050,7068,1610],{"class":1063},[1050,7070,1889],{"class":1063},[1050,7072,7073,7075,7077,7079,7082],{"class":1052,"line":1522},[1050,7074,2358],{"class":1110},[1050,7076,2041],{"class":1063},[1050,7078,5861],{"class":2087},[1050,7080,7081],{"class":1063},"(),",[1050,7083,7084],{"class":1056},"  # Same 
origin\n",[1050,7086,7087,7089,7091,7093],{"class":1052,"line":1532},[1050,7088,6809],{"class":1613},[1050,7090,5871],{"class":1617},[1050,7092,1900],{"class":1613},[1050,7094,1903],{"class":1063},[1050,7096,7097,7099,7101],{"class":1052,"line":1541},[1050,7098,6809],{"class":1613},[1050,7100,5882],{"class":1617},[1050,7102,2701],{"class":1613},[1050,7104,7105],{"class":1052,"line":1551},[1050,7106,7107],{"class":1063},"    ]\n",[1050,7109,7110],{"class":1052,"line":1569},[1050,7111,1590],{"class":1110},[1050,7113,7114,7116,7118,7120],{"class":1052,"line":1587},[1050,7115,2398],{"class":2109},[1050,7117,5919],{"class":1110},[1050,7119,3422],{"class":2113},[1050,7121,7122],{"class":1110}," allowed_domains\n",[1050,7124,7125],{"class":1052,"line":1593},[1050,7126,1741],{"emptyLinePlaceholder":1740},[1050,7128,7129,7131,7133],{"class":1052,"line":1599},[1050,7130,2306],{"class":1982},[1050,7132,6863],{"class":2300},[1050,7134,6096],{"class":1063},[1050,7136,7137,7139,7142],{"class":1052,"line":1633},[1050,7138,1996],{"class":1995},[1050,7140,7141],{"class":1999},"Generate cryptographic nonce for CSP",[1050,7143,2003],{"class":1995},[1050,7145,7146,7149],{"class":1052,"line":1638},[1050,7147,7148],{"class":2109},"    import",[1050,7150,7151],{"class":1110}," secrets\n",[1050,7153,7154,7156,7159,7161,7164,7166,7169],{"class":1052,"line":1644},[1050,7155,2398],{"class":2109},[1050,7157,7158],{"class":1110}," secrets",[1050,7160,2041],{"class":1063},[1050,7162,7163],{"class":2087},"token_urlsafe",[1050,7165,2019],{"class":1063},[1050,7167,7168],{"class":1169},"16",[1050,7170,2095],{"class":1063},[1035,7172,7174],{"id":7173},"secure-widget-template","Secure Widget Template",[1040,7176,7178],{"className":1042,"code":7177,"language":1044,"meta":1045,"style":1045},"\u003C!-- templates/secure_widget.html -->\n\u003C!DOCTYPE html>\n\u003Chtml>\n\u003Chead>\n    \u003Cmeta charset=\"utf-8\">\n    \u003Ctitle>Secure Widget\u003C/title>\n    \n    \u003C!-- CSP with nonce -->\n    
\u003Cmeta http-equiv=\"Content-Security-Policy\" \n          content=\"default-src 'self'; script-src 'self' 'nonce-{{ nonce }}'; frame-ancestors 'self' https://trusted-partner.com;\">\n    \n    \u003Cstyle>\n        /* Inline styles are safer than external CSS for widgets */\n        .widget-container {\n            border: 1px solid #ccc;\n            padding: 10px;\n            background: #f9f9f9;\n            font-family: Arial, sans-serif;\n        }\n        \n        .widget-header {\n            font-weight: bold;\n            margin-bottom: 10px;\n        }\n        \n        .security-indicator {\n            font-size: 12px;\n            color: #666;\n            margin-top: 10px;\n        }\n    \u003C/style>\n\u003C/head>\n\u003Cbody>\n    \u003Cdiv class=\"widget-container\">\n        \u003Cdiv class=\"widget-header\">Secure Widget\u003C/div>\n        \n        \u003Cdiv class=\"widget-content\">\n            {{ content|escape }}\n        \u003C/div>\n        \n        \u003Cdiv class=\"security-indicator\">\n            🔒 This widget is served securely\n        \u003C/div>\n    \u003C/div>\n    \n    \u003C!-- Secure JavaScript with nonce -->\n    \u003Cscript nonce=\"{{ nonce }}\">\n        (function() {\n            'use strict';\n            \n            // Verify we're in expected context\n            if (window.top !== window.self) {\n                // We're in a frame - verify it's allowed\n                try {\n                    var parentOrigin = window.parent.location.origin;\n                    var allowedOrigins = ['https://trusted-partner.com'];\n                    \n                    if (allowedOrigins.indexOf(parentOrigin) === -1) {\n                        console.warn('Widget loaded in unauthorized frame');\n                        document.body.innerHTML = '\u003Cp>Widget cannot be displayed in this context\u003C/p>';\n                    }\n                } catch (e) {\n                    // Cross-origin frame - this 
is expected for legitimate embedding\n                }\n            }\n            \n            // Widget functionality\n            function initializeWidget() {\n                // Safe widget initialization code\n                console.log('Secure widget initialized');\n            }\n            \n            // Initialize when DOM is ready\n            if (document.readyState === 'loading') {\n                document.addEventListener('DOMContentLoaded', initializeWidget);\n            } else {\n                initializeWidget();\n            }\n        })();\n    \u003C/script>\n\u003C/body>\n\u003C/html>\n",[1047,7179,7180,7185,7195,7203,7211,7232,7249,7253,7258,7277,7293,7297,7305,7310,7319,7342,7356,7369,7386,7390,7394,7403,7415,7428,7432,7436,7445,7459,7472,7485,7489,7497,7505,7513,7531,7558,7562,7581,7586,7595,7599,7617,7622,7630,7638,7642,7647,7668,7679,7689,7693,7698,7722,7727,7734,7762,7783,7788,7821,7843,7867,7872,7886,7891,7896,7900,7904,7909,7921,7926,7948,7952,7956,7961,7985,8009,8017,8026,8030,8038,8046,8054],{"__ignoreMap":1045},[1050,7181,7182],{"class":1052,"line":1053},[1050,7183,7184],{"class":1056},"\u003C!-- templates/secure_widget.html -->\n",[1050,7186,7187,7189,7191,7193],{"class":1052,"line":1060},[1050,7188,1064],{"class":1063},[1050,7190,1068],{"class":1067},[1050,7192,1072],{"class":1071},[1050,7194,1075],{"class":1063},[1050,7196,7197,7199,7201],{"class":1052,"line":1078},[1050,7198,1081],{"class":1063},[1050,7200,1044],{"class":1067},[1050,7202,1075],{"class":1063},[1050,7204,7205,7207,7209],{"class":1052,"line":1088},[1050,7206,1081],{"class":1063},[1050,7208,1093],{"class":1067},[1050,7210,1075],{"class":1063},[1050,7212,7213,7215,7218,7221,7223,7225,7228,7230],{"class":1052,"line":1098},[1050,7214,1101],{"class":1063},[1050,7216,7217],{"class":1067},"meta",[1050,7219,7220],{"class":1071}," 
charset",[1050,7222,1610],{"class":1063},[1050,7224,1614],{"class":1613},[1050,7226,7227],{"class":1617},"utf-8",[1050,7229,1614],{"class":1613},[1050,7231,1075],{"class":1063},[1050,7233,7234,7236,7238,7240,7243,7245,7247],{"class":1052,"line":1121},[1050,7235,1101],{"class":1063},[1050,7237,1104],{"class":1067},[1050,7239,1107],{"class":1063},[1050,7241,7242],{"class":1110},"Secure Widget",[1050,7244,1114],{"class":1063},[1050,7246,1104],{"class":1067},[1050,7248,1075],{"class":1063},[1050,7250,7251],{"class":1052,"line":1131},[1050,7252,1590],{"class":1110},[1050,7254,7255],{"class":1052,"line":1144},[1050,7256,7257],{"class":1056},"    \u003C!-- CSP with nonce -->\n",[1050,7259,7260,7262,7264,7267,7269,7271,7273,7275],{"class":1052,"line":1161},[1050,7261,1101],{"class":1063},[1050,7263,7217],{"class":1067},[1050,7265,7266],{"class":1071}," http-equiv",[1050,7268,1610],{"class":1063},[1050,7270,1614],{"class":1613},[1050,7272,3080],{"class":1617},[1050,7274,1614],{"class":1613},[1050,7276,1665],{"class":1664},[1050,7278,7279,7282,7284,7286,7289,7291],{"class":1052,"line":1175},[1050,7280,7281],{"class":1071},"          content",[1050,7283,1610],{"class":1063},[1050,7285,1614],{"class":1613},[1050,7287,7288],{"class":1617},"default-src 'self'; script-src 'self' 'nonce-{{ nonce }}'; frame-ancestors 'self' https://trusted-partner.com;",[1050,7290,1614],{"class":1613},[1050,7292,1075],{"class":1063},[1050,7294,7295],{"class":1052,"line":1187},[1050,7296,1590],{"class":1110},[1050,7298,7299,7301,7303],{"class":1052,"line":1204},[1050,7300,1101],{"class":1063},[1050,7302,1126],{"class":1067},[1050,7304,1075],{"class":1063},[1050,7306,7307],{"class":1052,"line":1218},[1050,7308,7309],{"class":1056},"        /* Inline styles are safer than external CSS for widgets 
*/\n",[1050,7311,7312,7314,7317],{"class":1052,"line":1231},[1050,7313,1134],{"class":1063},[1050,7315,7316],{"class":1137},"widget-container",[1050,7318,1141],{"class":1063},[1050,7320,7321,7324,7326,7329,7331,7334,7337,7340],{"class":1052,"line":1247},[1050,7322,7323],{"class":1147},"            border",[1050,7325,1151],{"class":1063},[1050,7327,7328],{"class":1169}," 1",[1050,7330,1290],{"class":1198},[1050,7332,7333],{"class":1154}," solid",[1050,7335,7336],{"class":1063}," #",[1050,7338,7339],{"class":1154},"ccc",[1050,7341,1158],{"class":1063},[1050,7343,7344,7347,7349,7352,7354],{"class":1052,"line":1253},[1050,7345,7346],{"class":1147},"            padding",[1050,7348,1151],{"class":1063},[1050,7350,7351],{"class":1169}," 10",[1050,7353,1290],{"class":1198},[1050,7355,1158],{"class":1063},[1050,7357,7358,7360,7362,7364,7367],{"class":1052,"line":1259},[1050,7359,1339],{"class":1147},[1050,7361,1151],{"class":1063},[1050,7363,7336],{"class":1063},[1050,7365,7366],{"class":1154},"f9f9f9",[1050,7368,1158],{"class":1063},[1050,7370,7371,7374,7376,7379,7381,7384],{"class":1052,"line":1269},[1050,7372,7373],{"class":1147},"            font-family",[1050,7375,1151],{"class":1063},[1050,7377,7378],{"class":1154}," Arial",[1050,7380,2026],{"class":1063},[1050,7382,7383],{"class":1154}," sans-serif",[1050,7385,1158],{"class":1063},[1050,7387,7388],{"class":1052,"line":1280},[1050,7389,1250],{"class":1063},[1050,7391,7392],{"class":1052,"line":1295},[1050,7393,1256],{"class":1110},[1050,7395,7396,7398,7401],{"class":1052,"line":1309},[1050,7397,1134],{"class":1063},[1050,7399,7400],{"class":1137},"widget-header",[1050,7402,1141],{"class":1063},[1050,7404,7405,7408,7410,7413],{"class":1052,"line":1322},[1050,7406,7407],{"class":1147},"            font-weight",[1050,7409,1151],{"class":1063},[1050,7411,7412],{"class":1154}," bold",[1050,7414,1158],{"class":1063},[1050,7416,7417,7420,7422,7424,7426],{"class":1052,"line":1336},[1050,7418,7419],{"class":1147},"            
margin-bottom",[1050,7421,1151],{"class":1063},[1050,7423,7351],{"class":1169},[1050,7425,1290],{"class":1198},[1050,7427,1158],{"class":1063},[1050,7429,7430],{"class":1052,"line":1349},[1050,7431,1250],{"class":1063},[1050,7433,7434],{"class":1052,"line":1362},[1050,7435,1256],{"class":1110},[1050,7437,7438,7440,7443],{"class":1052,"line":1375},[1050,7439,1134],{"class":1063},[1050,7441,7442],{"class":1137},"security-indicator",[1050,7444,1141],{"class":1063},[1050,7446,7447,7450,7452,7455,7457],{"class":1052,"line":1389},[1050,7448,7449],{"class":1147},"            font-size",[1050,7451,1151],{"class":1063},[1050,7453,7454],{"class":1169}," 12",[1050,7456,1290],{"class":1198},[1050,7458,1158],{"class":1063},[1050,7460,7461,7463,7465,7467,7470],{"class":1052,"line":1402},[1050,7462,1352],{"class":1147},[1050,7464,1151],{"class":1063},[1050,7466,7336],{"class":1063},[1050,7468,7469],{"class":1154},"666",[1050,7471,1158],{"class":1063},[1050,7473,7474,7477,7479,7481,7483],{"class":1052,"line":1407},[1050,7475,7476],{"class":1147},"            
margin-top",[1050,7478,1151],{"class":1063},[1050,7480,7351],{"class":1169},[1050,7482,1290],{"class":1198},[1050,7484,1158],{"class":1063},[1050,7486,7487],{"class":1052,"line":1412},[1050,7488,1250],{"class":1063},[1050,7490,7491,7493,7495],{"class":1052,"line":1422},[1050,7492,1525],{"class":1063},[1050,7494,1126],{"class":1067},[1050,7496,1075],{"class":1063},[1050,7498,7499,7501,7503],{"class":1052,"line":1433},[1050,7500,1114],{"class":1063},[1050,7502,1093],{"class":1067},[1050,7504,1075],{"class":1063},[1050,7506,7507,7509,7511],{"class":1052,"line":1450},[1050,7508,1081],{"class":1063},[1050,7510,1546],{"class":1067},[1050,7512,1075],{"class":1063},[1050,7514,7515,7517,7519,7521,7523,7525,7527,7529],{"class":1052,"line":1464},[1050,7516,1101],{"class":1063},[1050,7518,1604],{"class":1067},[1050,7520,1607],{"class":1071},[1050,7522,1610],{"class":1063},[1050,7524,1614],{"class":1613},[1050,7526,7316],{"class":1617},[1050,7528,1614],{"class":1613},[1050,7530,1075],{"class":1063},[1050,7532,7533,7536,7538,7540,7542,7544,7546,7548,7550,7552,7554,7556],{"class":1052,"line":1477},[1050,7534,7535],{"class":1063},"        
\u003C",[1050,7537,1604],{"class":1067},[1050,7539,1607],{"class":1071},[1050,7541,1610],{"class":1063},[1050,7543,1614],{"class":1613},[1050,7545,7400],{"class":1617},[1050,7547,1614],{"class":1613},[1050,7549,1107],{"class":1063},[1050,7551,7242],{"class":1110},[1050,7553,1114],{"class":1063},[1050,7555,1604],{"class":1067},[1050,7557,1075],{"class":1063},[1050,7559,7560],{"class":1052,"line":1490},[1050,7561,1256],{"class":1110},[1050,7563,7564,7566,7568,7570,7572,7574,7577,7579],{"class":1052,"line":1505},[1050,7565,7535],{"class":1063},[1050,7567,1604],{"class":1067},[1050,7569,1607],{"class":1071},[1050,7571,1610],{"class":1063},[1050,7573,1614],{"class":1613},[1050,7575,7576],{"class":1617},"widget-content",[1050,7578,1614],{"class":1613},[1050,7580,1075],{"class":1063},[1050,7582,7583],{"class":1052,"line":1517},[1050,7584,7585],{"class":1110},"            {{ content|escape }}\n",[1050,7587,7588,7591,7593],{"class":1052,"line":1522},[1050,7589,7590],{"class":1063},"        \u003C/",[1050,7592,1604],{"class":1067},[1050,7594,1075],{"class":1063},[1050,7596,7597],{"class":1052,"line":1532},[1050,7598,1256],{"class":1110},[1050,7600,7601,7603,7605,7607,7609,7611,7613,7615],{"class":1052,"line":1541},[1050,7602,7535],{"class":1063},[1050,7604,1604],{"class":1067},[1050,7606,1607],{"class":1071},[1050,7608,1610],{"class":1063},[1050,7610,1614],{"class":1613},[1050,7612,7442],{"class":1617},[1050,7614,1614],{"class":1613},[1050,7616,1075],{"class":1063},[1050,7618,7619],{"class":1052,"line":1551},[1050,7620,7621],{"class":1110},"            🔒 This widget is served 
securely\n",[1050,7623,7624,7626,7628],{"class":1052,"line":1569},[1050,7625,7590],{"class":1063},[1050,7627,1604],{"class":1067},[1050,7629,1075],{"class":1063},[1050,7631,7632,7634,7636],{"class":1052,"line":1587},[1050,7633,1525],{"class":1063},[1050,7635,1604],{"class":1067},[1050,7637,1075],{"class":1063},[1050,7639,7640],{"class":1052,"line":1593},[1050,7641,1590],{"class":1110},[1050,7643,7644],{"class":1052,"line":1599},[1050,7645,7646],{"class":1056},"    \u003C!-- Secure JavaScript with nonce -->\n",[1050,7648,7649,7651,7654,7657,7659,7661,7664,7666],{"class":1052,"line":1633},[1050,7650,1101],{"class":1063},[1050,7652,7653],{"class":1067},"script",[1050,7655,7656],{"class":1071}," nonce",[1050,7658,1610],{"class":1063},[1050,7660,1614],{"class":1613},[1050,7662,7663],{"class":1617},"{{ nonce }}",[1050,7665,1614],{"class":1613},[1050,7667,1075],{"class":1063},[1050,7669,7670,7673,7675,7677],{"class":1052,"line":1638},[1050,7671,7672],{"class":4443},"        (",[1050,7674,4446],{"class":1982},[1050,7676,4449],{"class":1063},[1050,7678,1141],{"class":1063},[1050,7680,7681,7683,7685,7687],{"class":1052,"line":1644},[1050,7682,3339],{"class":1613},[1050,7684,4458],{"class":1617},[1050,7686,1900],{"class":1613},[1050,7688,1158],{"class":1063},[1050,7690,7691],{"class":1052,"line":1668},[1050,7692,4092],{"class":2044},[1050,7694,7695],{"class":1052,"line":1684},[1050,7696,7697],{"class":1056},"            // Verify we're in expected context\n",[1050,7699,7700,7702,7704,7706,7708,7710,7712,7714,7716,7718,7720],{"class":1052,"line":1693},[1050,7701,4175],{"class":2109},[1050,7703,3707],{"class":4495},[1050,7705,4499],{"class":4498},[1050,7707,2041],{"class":1063},[1050,7709,4504],{"class":4498},[1050,7711,4507],{"class":2113},[1050,7713,4510],{"class":4498},[1050,7715,2041],{"class":1063},[1050,7717,2023],{"class":4498},[1050,7719,3413],{"class":4495},[1050,7721,1141],{"class":1063},[1050,7723,7724],{"class":1052,"line":1698},[1050,7725,7726],{"class":1056},"     
           // We're in a frame - verify it's allowed\n",[1050,7728,7729,7732],{"class":1052,"line":1704},[1050,7730,7731],{"class":2109},"                try",[1050,7733,1141],{"class":1063},[1050,7735,7736,7739,7742,7744,7746,7748,7751,7753,7755,7757,7760],{"class":1052,"line":1713},[1050,7737,7738],{"class":1982},"                    var",[1050,7740,7741],{"class":4498}," parentOrigin",[1050,7743,1886],{"class":1063},[1050,7745,4510],{"class":4498},[1050,7747,2041],{"class":1063},[1050,7749,7750],{"class":4498},"parent",[1050,7752,2041],{"class":1063},[1050,7754,4548],{"class":4498},[1050,7756,2041],{"class":1063},[1050,7758,7759],{"class":4498},"origin",[1050,7761,1158],{"class":1063},[1050,7763,7764,7766,7769,7771,7773,7775,7777,7779,7781],{"class":1052,"line":3594},[1050,7765,7738],{"class":1982},[1050,7767,7768],{"class":4498}," allowedOrigins",[1050,7770,1886],{"class":1063},[1050,7772,3462],{"class":4495},[1050,7774,1900],{"class":1613},[1050,7776,4371],{"class":1617},[1050,7778,1900],{"class":1613},[1050,7780,2150],{"class":4495},[1050,7782,1158],{"class":1063},[1050,7784,7785],{"class":1052,"line":3607},[1050,7786,7787],{"class":2044},"                    \n",[1050,7789,7790,7793,7795,7798,7800,7802,7804,7807,7809,7811,7814,7817,7819],{"class":1052,"line":3612},[1050,7791,7792],{"class":2109},"                    if",[1050,7794,3707],{"class":4495},[1050,7796,7797],{"class":4498},"allowedOrigins",[1050,7799,2041],{"class":1063},[1050,7801,5432],{"class":2300},[1050,7803,2019],{"class":4495},[1050,7805,7806],{"class":4498},"parentOrigin",[1050,7808,3413],{"class":4495},[1050,7810,5167],{"class":2113},[1050,7812,7813],{"class":2113}," -",[1050,7815,7816],{"class":1169},"1",[1050,7818,3413],{"class":4495},[1050,7820,1141],{"class":1063},[1050,7822,7823,7826,7828,7830,7832,7834,7837,7839,7841],{"class":1052,"line":3618},[1050,7824,7825],{"class":4498},"                        
console",[1050,7827,2041],{"class":1063},[1050,7829,4883],{"class":2300},[1050,7831,2019],{"class":4495},[1050,7833,1900],{"class":1613},[1050,7835,7836],{"class":1617},"Widget loaded in unauthorized frame",[1050,7838,1900],{"class":1613},[1050,7840,3413],{"class":4495},[1050,7842,1158],{"class":1063},[1050,7844,7845,7848,7850,7852,7854,7856,7858,7860,7863,7865],{"class":1052,"line":3629},[1050,7846,7847],{"class":4498},"                        document",[1050,7849,2041],{"class":1063},[1050,7851,1546],{"class":4498},[1050,7853,2041],{"class":1063},[1050,7855,4663],{"class":4498},[1050,7857,1886],{"class":1063},[1050,7859,1932],{"class":1613},[1050,7861,7862],{"class":1617},"\u003Cp>Widget cannot be displayed in this context\u003C/p>",[1050,7864,1900],{"class":1613},[1050,7866,1158],{"class":1063},[1050,7868,7869],{"class":1052,"line":3634},[1050,7870,7871],{"class":1063},"                    }\n",[1050,7873,7874,7876,7878,7880,7882,7884],{"class":1052,"line":3640},[1050,7875,5099],{"class":1063},[1050,7877,4570],{"class":2109},[1050,7879,3707],{"class":4495},[1050,7881,4575],{"class":4498},[1050,7883,3413],{"class":4495},[1050,7885,1141],{"class":1063},[1050,7887,7888],{"class":1052,"line":3646},[1050,7889,7890],{"class":1056},"                    // Cross-origin frame - this is expected for legitimate embedding\n",[1050,7892,7893],{"class":1052,"line":3651},[1050,7894,7895],{"class":1063},"                }\n",[1050,7897,7898],{"class":1052,"line":3657},[1050,7899,4725],{"class":1063},[1050,7901,7902],{"class":1052,"line":3666},[1050,7903,4092],{"class":2044},[1050,7905,7906],{"class":1052,"line":3678},[1050,7907,7908],{"class":1056},"            // Widget functionality\n",[1050,7910,7911,7914,7917,7919],{"class":1052,"line":3683},[1050,7912,7913],{"class":1982},"            function",[1050,7915,7916],{"class":2300}," 
initializeWidget",[1050,7918,4449],{"class":1063},[1050,7920,1141],{"class":1063},[1050,7922,7923],{"class":1052,"line":3688},[1050,7924,7925],{"class":1056},"                // Safe widget initialization code\n",[1050,7927,7928,7930,7932,7935,7937,7939,7942,7944,7946],{"class":1052,"line":3693},[1050,7929,4892],{"class":4498},[1050,7931,2041],{"class":1063},[1050,7933,7934],{"class":2300},"log",[1050,7936,2019],{"class":4495},[1050,7938,1900],{"class":1613},[1050,7940,7941],{"class":1617},"Secure widget initialized",[1050,7943,1900],{"class":1613},[1050,7945,3413],{"class":4495},[1050,7947,1158],{"class":1063},[1050,7949,7950],{"class":1052,"line":3699},[1050,7951,4725],{"class":1063},[1050,7953,7954],{"class":1052,"line":3722},[1050,7955,4092],{"class":2044},[1050,7957,7958],{"class":1052,"line":3728},[1050,7959,7960],{"class":1056},"            // Initialize when DOM is ready\n",[1050,7962,7963,7965,7967,7969,7971,7973,7975,7977,7979,7981,7983],{"class":1052,"line":5280},[1050,7964,4175],{"class":2109},[1050,7966,3707],{"class":4495},[1050,7968,5159],{"class":4498},[1050,7970,2041],{"class":1063},[1050,7972,5164],{"class":4498},[1050,7974,5167],{"class":2113},[1050,7976,1932],{"class":1613},[1050,7978,5172],{"class":1617},[1050,7980,1900],{"class":1613},[1050,7982,3413],{"class":4495},[1050,7984,1141],{"class":1063},[1050,7986,7987,7989,7991,7993,7995,7997,7999,8001,8003,8005,8007],{"class":1052,"line":5292},[1050,7988,4589],{"class":4498},[1050,7990,2041],{"class":1063},[1050,7992,5188],{"class":2300},[1050,7994,2019],{"class":4495},[1050,7996,1900],{"class":1613},[1050,7998,5195],{"class":1617},[1050,8000,1900],{"class":1613},[1050,8002,2026],{"class":1063},[1050,8004,7916],{"class":4498},[1050,8006,3413],{"class":4495},[1050,8008,1158],{"class":1063},[1050,8010,8011,8013,8015],{"class":1052,"line":5297},[1050,8012,4567],{"class":1063},[1050,8014,5213],{"class":2109},[1050,8016,1141],{"class":1063},[1050,8018,8019,8022,8024],{"class":1052,"line":5303},[1050,802
0,8021],{"class":2300},"                initializeWidget",[1050,8023,4449],{"class":4495},[1050,8025,1158],{"class":1063},[1050,8027,8028],{"class":1052,"line":5314},[1050,8029,4725],{"class":1063},[1050,8031,8032,8034,8036],{"class":1052,"line":5348},[1050,8033,4813],{"class":1063},[1050,8035,5512],{"class":4443},[1050,8037,1158],{"class":1063},[1050,8039,8040,8042,8044],{"class":1052,"line":5392},[1050,8041,1525],{"class":1063},[1050,8043,7653],{"class":1067},[1050,8045,1075],{"class":1063},[1050,8047,8048,8050,8052],{"class":1052,"line":5421},[1050,8049,1114],{"class":1063},[1050,8051,1546],{"class":1067},[1050,8053,1075],{"class":1063},[1050,8055,8056,8058,8060],{"class":1052,"line":5454},[1050,8057,1114],{"class":1063},[1050,8059,1044],{"class":1067},[1050,8061,1075],{"class":1063},[1030,8063,8065],{"id":8064},"testing-clickjacking-protection","Testing Clickjacking Protection",[1035,8067,8069],{"id":8068},"security-tests","Security Tests",[1040,8071,8073],{"className":1726,"code":8072,"language":1728,"meta":1045,"style":1045},"# tests.py - Clickjacking protection tests\nfrom django.test import TestCase, Client\nfrom django.urls import reverse\n\nclass ClickjackingProtectionTests(TestCase):\n    \"\"\"Test clickjacking protection mechanisms\"\"\"\n    \n    def setUp(self):\n        self.client = Client()\n    \n    def test_x_frame_options_deny(self):\n        \"\"\"Test that X-Frame-Options: DENY is set\"\"\"\n        \n        response = self.client.get(reverse('sensitive_action'))\n        \n        self.assertEqual(response['X-Frame-Options'], 'DENY')\n    \n    def test_x_frame_options_sameorigin(self):\n        \"\"\"Test that X-Frame-Options: SAMEORIGIN is set for widgets\"\"\"\n        \n        response = self.client.get(reverse('widget_view'))\n        \n        self.assertEqual(response['X-Frame-Options'], 'SAMEORIGIN')\n    \n    def test_csp_frame_ancestors(self):\n        \"\"\"Test CSP frame-ancestors directive\"\"\"\n        \n        response 
= self.client.get(reverse('csp_protected_view'))\n        \n        csp = response.get('Content-Security-Policy', '')\n        self.assertIn('frame-ancestors', csp)\n        self.assertIn(\"'none'\", csp)\n    \n    def test_frame_busting_javascript(self):\n        \"\"\"Test that frame busting JavaScript is included\"\"\"\n        \n        response = self.client.get(reverse('protected_page'))\n        \n        self.assertContains(response, 'window.top !== window.self')\n    \n    def test_embedding_validation(self):\n        \"\"\"Test that embedding validation works\"\"\"\n        \n        # Test with no referrer\n        response = self.client.get(reverse('secure_widget'))\n        self.assertEqual(response.status_code, 403)\n        \n        # Test with trusted referrer\n        response = self.client.get(\n            reverse('secure_widget'),\n            HTTP_REFERER='https://trusted-partner.com/page'\n        )\n        self.assertEqual(response.status_code, 200)\n        \n        # Test with untrusted referrer\n        response = self.client.get(\n            reverse('secure_widget'),\n            HTTP_REFERER='https://malicious-site.com/attack'\n        )\n        self.assertEqual(response.status_code, 403)\n\nclass ClickjackingDetectionTests(TestCase):\n    \"\"\"Test clickjacking detection mechanisms\"\"\"\n    \n    def test_suspicious_referrer_detection(self):\n        \"\"\"Test detection of suspicious referrers\"\"\"\n        \n        with self.assertLogs('security', level='WARNING') as cm:\n            response = self.client.get(\n                reverse('sensitive_view'),\n                HTTP_REFERER='https://suspicious-site.com/frame-page'\n            )\n        \n        self.assertIn('Suspicious referrer detected', cm.output[0])\n    \n    def test_framing_attempt_detection(self):\n        \"\"\"Test detection of framing attempts\"\"\"\n        \n        with self.assertLogs('security', level='WARNING') as cm:\n            response = 
self.client.get(\n                reverse('sensitive_view'),\n                HTTP_SEC_FETCH_DEST='iframe'\n            )\n        \n        self.assertIn('Potential clickjacking attempt', cm.output[0])\n",[1047,8074,8075,8080,8101,8117,8121,8135,8144,8148,8161,8177,8181,8194,8203,8207,8240,8244,8277,8281,8294,8303,8307,8338,8342,8373,8377,8390,8399,8403,8434,8438,8465,8490,8512,8516,8529,8538,8542,8573,8577,8601,8605,8618,8627,8631,8636,8667,8691,8695,8700,8718,8733,8747,8751,8773,8777,8782,8800,8814,8827,8831,8853,8857,8870,8879,8883,8896,8905,8909,8953,8971,8987,9001,9006,9010,9043,9047,9060,9069,9073,9111,9129,9143,9156,9160,9164],{"__ignoreMap":1045},[1050,8076,8077],{"class":1052,"line":1053},[1050,8078,8079],{"class":1056},"# tests.py - Clickjacking protection tests\n",[1050,8081,8082,8084,8086,8088,8091,8093,8096,8098],{"class":1052,"line":1060},[1050,8083,2241],{"class":2109},[1050,8085,2244],{"class":1110},[1050,8087,2041],{"class":1063},[1050,8089,8090],{"class":1110},"test ",[1050,8092,2262],{"class":2109},[1050,8094,8095],{"class":1110}," TestCase",[1050,8097,2026],{"class":1063},[1050,8099,8100],{"class":1110}," Client\n",[1050,8102,8103,8105,8107,8109,8112,8114],{"class":1052,"line":1078},[1050,8104,2241],{"class":2109},[1050,8106,2244],{"class":1110},[1050,8108,2041],{"class":1063},[1050,8110,8111],{"class":1110},"urls ",[1050,8113,2262],{"class":2109},[1050,8115,8116],{"class":1110}," reverse\n",[1050,8118,8119],{"class":1052,"line":1088},[1050,8120,1741],{"emptyLinePlaceholder":1740},[1050,8122,8123,8125,8128,8130,8133],{"class":1052,"line":1098},[1050,8124,1983],{"class":1982},[1050,8126,8127],{"class":1986}," ClickjackingProtectionTests",[1050,8129,2019],{"class":1063},[1050,8131,8132],{"class":2674},"TestCase",[1050,8134,2033],{"class":1063},[1050,8136,8137,8139,8142],{"class":1052,"line":1121},[1050,8138,1996],{"class":1995},[1050,8140,8141],{"class":1999},"Test clickjacking protection 
mechanisms",[1050,8143,2003],{"class":1995},[1050,8145,8146],{"class":1052,"line":1131},[1050,8147,1590],{"class":1110},[1050,8149,8150,8152,8155,8157,8159],{"class":1052,"line":1144},[1050,8151,2012],{"class":1982},[1050,8153,8154],{"class":2300}," setUp",[1050,8156,2019],{"class":1063},[1050,8158,2023],{"class":2022},[1050,8160,2033],{"class":1063},[1050,8162,8163,8165,8167,8170,8172,8175],{"class":1052,"line":1161},[1050,8164,2038],{"class":1154},[1050,8166,2041],{"class":1063},[1050,8168,8169],{"class":2044},"client",[1050,8171,1886],{"class":1063},[1050,8173,8174],{"class":2087}," Client",[1050,8176,2371],{"class":1063},[1050,8178,8179],{"class":1052,"line":1175},[1050,8180,1590],{"class":1110},[1050,8182,8183,8185,8188,8190,8192],{"class":1052,"line":1187},[1050,8184,2012],{"class":1982},[1050,8186,8187],{"class":2300}," test_x_frame_options_deny",[1050,8189,2019],{"class":1063},[1050,8191,2023],{"class":2022},[1050,8193,2033],{"class":1063},[1050,8195,8196,8198,8201],{"class":1052,"line":1204},[1050,8197,3125],{"class":1995},[1050,8199,8200],{"class":1999},"Test that X-Frame-Options: DENY is 
set",[1050,8202,2003],{"class":1995},[1050,8204,8205],{"class":1052,"line":1218},[1050,8206,1256],{"class":1110},[1050,8208,8209,8211,8213,8215,8217,8219,8221,8223,8225,8228,8230,8232,8235,8237],{"class":1052,"line":1231},[1050,8210,2077],{"class":1110},[1050,8212,1610],{"class":1063},[1050,8214,2082],{"class":1154},[1050,8216,2041],{"class":1063},[1050,8218,8169],{"class":2044},[1050,8220,2041],{"class":1063},[1050,8222,2122],{"class":2087},[1050,8224,2019],{"class":1063},[1050,8226,8227],{"class":2087},"reverse",[1050,8229,2019],{"class":1063},[1050,8231,1900],{"class":1613},[1050,8233,8234],{"class":1617},"sensitive_action",[1050,8236,1900],{"class":1613},[1050,8238,8239],{"class":1063},"))\n",[1050,8241,8242],{"class":1052,"line":1247},[1050,8243,1256],{"class":1110},[1050,8245,8246,8248,8250,8253,8255,8258,8260,8262,8264,8266,8269,8271,8273,8275],{"class":1052,"line":1253},[1050,8247,2038],{"class":1154},[1050,8249,2041],{"class":1063},[1050,8251,8252],{"class":2087},"assertEqual",[1050,8254,2019],{"class":1063},[1050,8256,8257],{"class":2087},"response",[1050,8259,2141],{"class":1063},[1050,8261,1900],{"class":1613},[1050,8263,2129],{"class":1617},[1050,8265,1900],{"class":1613},[1050,8267,8268],{"class":1063},"],",[1050,8270,1932],{"class":1613},[1050,8272,1935],{"class":1617},[1050,8274,1900],{"class":1613},[1050,8276,2095],{"class":1063},[1050,8278,8279],{"class":1052,"line":1259},[1050,8280,1590],{"class":1110},[1050,8282,8283,8285,8288,8290,8292],{"class":1052,"line":1269},[1050,8284,2012],{"class":1982},[1050,8286,8287],{"class":2300}," test_x_frame_options_sameorigin",[1050,8289,2019],{"class":1063},[1050,8291,2023],{"class":2022},[1050,8293,2033],{"class":1063},[1050,8295,8296,8298,8301],{"class":1052,"line":1280},[1050,8297,3125],{"class":1995},[1050,8299,8300],{"class":1999},"Test that X-Frame-Options: SAMEORIGIN is set for 
widgets",[1050,8302,2003],{"class":1995},[1050,8304,8305],{"class":1052,"line":1295},[1050,8306,1256],{"class":1110},[1050,8308,8309,8311,8313,8315,8317,8319,8321,8323,8325,8327,8329,8331,8334,8336],{"class":1052,"line":1309},[1050,8310,2077],{"class":1110},[1050,8312,1610],{"class":1063},[1050,8314,2082],{"class":1154},[1050,8316,2041],{"class":1063},[1050,8318,8169],{"class":2044},[1050,8320,2041],{"class":1063},[1050,8322,2122],{"class":2087},[1050,8324,2019],{"class":1063},[1050,8326,8227],{"class":2087},[1050,8328,2019],{"class":1063},[1050,8330,1900],{"class":1613},[1050,8332,8333],{"class":1617},"widget_view",[1050,8335,1900],{"class":1613},[1050,8337,8239],{"class":1063},[1050,8339,8340],{"class":1052,"line":1322},[1050,8341,1256],{"class":1110},[1050,8343,8344,8346,8348,8350,8352,8354,8356,8358,8360,8362,8364,8366,8369,8371],{"class":1052,"line":1336},[1050,8345,2038],{"class":1154},[1050,8347,2041],{"class":1063},[1050,8349,8252],{"class":2087},[1050,8351,2019],{"class":1063},[1050,8353,8257],{"class":2087},[1050,8355,2141],{"class":1063},[1050,8357,1900],{"class":1613},[1050,8359,2129],{"class":1617},[1050,8361,1900],{"class":1613},[1050,8363,8268],{"class":1063},[1050,8365,1932],{"class":1613},[1050,8367,8368],{"class":1617},"SAMEORIGIN",[1050,8370,1900],{"class":1613},[1050,8372,2095],{"class":1063},[1050,8374,8375],{"class":1052,"line":1349},[1050,8376,1590],{"class":1110},[1050,8378,8379,8381,8384,8386,8388],{"class":1052,"line":1362},[1050,8380,2012],{"class":1982},[1050,8382,8383],{"class":2300}," test_csp_frame_ancestors",[1050,8385,2019],{"class":1063},[1050,8387,2023],{"class":2022},[1050,8389,2033],{"class":1063},[1050,8391,8392,8394,8397],{"class":1052,"line":1375},[1050,8393,3125],{"class":1995},[1050,8395,8396],{"class":1999},"Test CSP frame-ancestors 
directive",[1050,8398,2003],{"class":1995},[1050,8400,8401],{"class":1052,"line":1389},[1050,8402,1256],{"class":1110},[1050,8404,8405,8407,8409,8411,8413,8415,8417,8419,8421,8423,8425,8427,8430,8432],{"class":1052,"line":1402},[1050,8406,2077],{"class":1110},[1050,8408,1610],{"class":1063},[1050,8410,2082],{"class":1154},[1050,8412,2041],{"class":1063},[1050,8414,8169],{"class":2044},[1050,8416,2041],{"class":1063},[1050,8418,2122],{"class":2087},[1050,8420,2019],{"class":1063},[1050,8422,8227],{"class":2087},[1050,8424,2019],{"class":1063},[1050,8426,1900],{"class":1613},[1050,8428,8429],{"class":1617},"csp_protected_view",[1050,8431,1900],{"class":1613},[1050,8433,8239],{"class":1063},[1050,8435,8436],{"class":1052,"line":1407},[1050,8437,1256],{"class":1110},[1050,8439,8440,8443,8445,8447,8449,8451,8453,8455,8457,8459,8461,8463],{"class":1052,"line":1412},[1050,8441,8442],{"class":1110},"        csp ",[1050,8444,1610],{"class":1063},[1050,8446,2117],{"class":1110},[1050,8448,2041],{"class":1063},[1050,8450,2122],{"class":2087},[1050,8452,2019],{"class":1063},[1050,8454,1900],{"class":1613},[1050,8456,3080],{"class":1617},[1050,8458,1900],{"class":1613},[1050,8460,2026],{"class":1063},[1050,8462,4168],{"class":1613},[1050,8464,2095],{"class":1063},[1050,8466,8467,8469,8471,8474,8476,8478,8481,8483,8485,8488],{"class":1052,"line":1422},[1050,8468,2038],{"class":1154},[1050,8470,2041],{"class":1063},[1050,8472,8473],{"class":2087},"assertIn",[1050,8475,2019],{"class":1063},[1050,8477,1900],{"class":1613},[1050,8479,8480],{"class":1617},"frame-ancestors",[1050,8482,1900],{"class":1613},[1050,8484,2026],{"class":1063},[1050,8486,8487],{"class":2087}," 
csp",[1050,8489,2095],{"class":1063},[1050,8491,8492,8494,8496,8498,8500,8502,8504,8506,8508,8510],{"class":1052,"line":1433},[1050,8493,2038],{"class":1154},[1050,8495,2041],{"class":1063},[1050,8497,8473],{"class":2087},[1050,8499,2019],{"class":1063},[1050,8501,1614],{"class":1613},[1050,8503,3438],{"class":1617},[1050,8505,1614],{"class":1613},[1050,8507,2026],{"class":1063},[1050,8509,8487],{"class":2087},[1050,8511,2095],{"class":1063},[1050,8513,8514],{"class":1052,"line":1450},[1050,8515,1590],{"class":1110},[1050,8517,8518,8520,8523,8525,8527],{"class":1052,"line":1464},[1050,8519,2012],{"class":1982},[1050,8521,8522],{"class":2300}," test_frame_busting_javascript",[1050,8524,2019],{"class":1063},[1050,8526,2023],{"class":2022},[1050,8528,2033],{"class":1063},[1050,8530,8531,8533,8536],{"class":1052,"line":1477},[1050,8532,3125],{"class":1995},[1050,8534,8535],{"class":1999},"Test that frame busting JavaScript is included",[1050,8537,2003],{"class":1995},[1050,8539,8540],{"class":1052,"line":1490},[1050,8541,1256],{"class":1110},[1050,8543,8544,8546,8548,8550,8552,8554,8556,8558,8560,8562,8564,8566,8569,8571],{"class":1052,"line":1505},[1050,8545,2077],{"class":1110},[1050,8547,1610],{"class":1063},[1050,8549,2082],{"class":1154},[1050,8551,2041],{"class":1063},[1050,8553,8169],{"class":2044},[1050,8555,2041],{"class":1063},[1050,8557,2122],{"class":2087},[1050,8559,2019],{"class":1063},[1050,8561,8227],{"class":2087},[1050,8563,2019],{"class":1063},[1050,8565,1900],{"class":1613},[1050,8567,8568],{"class":1617},"protected_page",[1050,8570,1900],{"class":1613},[1050,8572,8239],{"class":1063},[1050,8574,8575],{"class":1052,"line":1517},[1050,8576,1256],{"class":1110},[1050,8578,8579,8581,8583,8586,8588,8590,8592,8594,8597,8599],{"class":1052,"line":1522},[1050,8580,2038],{"class":1154},[1050,8582,2041],{"class":1063},[1050,8584,8585],{"class":2087},"assertContains",[1050,8587,2019],{"class":1063},[1050,8589,8257],{"class":2087},[1050,8591,2026],{"class":1063
},[1050,8593,1932],{"class":1613},[1050,8595,8596],{"class":1617},"window.top !== window.self",[1050,8598,1900],{"class":1613},[1050,8600,2095],{"class":1063},[1050,8602,8603],{"class":1052,"line":1532},[1050,8604,1590],{"class":1110},[1050,8606,8607,8609,8612,8614,8616],{"class":1052,"line":1541},[1050,8608,2012],{"class":1982},[1050,8610,8611],{"class":2300}," test_embedding_validation",[1050,8613,2019],{"class":1063},[1050,8615,2023],{"class":2022},[1050,8617,2033],{"class":1063},[1050,8619,8620,8622,8625],{"class":1052,"line":1551},[1050,8621,3125],{"class":1995},[1050,8623,8624],{"class":1999},"Test that embedding validation works",[1050,8626,2003],{"class":1995},[1050,8628,8629],{"class":1052,"line":1569},[1050,8630,1256],{"class":1110},[1050,8632,8633],{"class":1052,"line":1587},[1050,8634,8635],{"class":1056},"        # Test with no referrer\n",[1050,8637,8638,8640,8642,8644,8646,8648,8650,8652,8654,8656,8658,8660,8663,8665],{"class":1052,"line":1593},[1050,8639,2077],{"class":1110},[1050,8641,1610],{"class":1063},[1050,8643,2082],{"class":1154},[1050,8645,2041],{"class":1063},[1050,8647,8169],{"class":2044},[1050,8649,2041],{"class":1063},[1050,8651,2122],{"class":2087},[1050,8653,2019],{"class":1063},[1050,8655,8227],{"class":2087},[1050,8657,2019],{"class":1063},[1050,8659,1900],{"class":1613},[1050,8661,8662],{"class":1617},"secure_widget",[1050,8664,1900],{"class":1613},[1050,8666,8239],{"class":1063},[1050,8668,8669,8671,8673,8675,8677,8679,8681,8684,8686,8689],{"class":1052,"line":1599},[1050,8670,2038],{"class":1154},[1050,8672,2041],{"class":1063},[1050,8674,8252],{"class":2087},[1050,8676,2019],{"class":1063},[1050,8678,8257],{"class":2087},[1050,8680,2041],{"class":1063},[1050,8682,8683],{"class":2044},"status_code",[1050,8685,2026],{"class":1063},[1050,8687,8688],{"class":1169}," 
403",[1050,8690,2095],{"class":1063},[1050,8692,8693],{"class":1052,"line":1633},[1050,8694,1256],{"class":1110},[1050,8696,8697],{"class":1052,"line":1638},[1050,8698,8699],{"class":1056},"        # Test with trusted referrer\n",[1050,8701,8702,8704,8706,8708,8710,8712,8714,8716],{"class":1052,"line":1644},[1050,8703,2077],{"class":1110},[1050,8705,1610],{"class":1063},[1050,8707,2082],{"class":1154},[1050,8709,2041],{"class":1063},[1050,8711,8169],{"class":2044},[1050,8713,2041],{"class":1063},[1050,8715,2122],{"class":2087},[1050,8717,6161],{"class":1063},[1050,8719,8720,8723,8725,8727,8729,8731],{"class":1052,"line":1668},[1050,8721,8722],{"class":2087},"            reverse",[1050,8724,2019],{"class":1063},[1050,8726,1900],{"class":1613},[1050,8728,8662],{"class":1617},[1050,8730,1900],{"class":1613},[1050,8732,6206],{"class":1063},[1050,8734,8735,8738,8740,8742,8745],{"class":1052,"line":1684},[1050,8736,8737],{"class":2650},"            HTTP_REFERER",[1050,8739,1610],{"class":1063},[1050,8741,1900],{"class":1613},[1050,8743,8744],{"class":1617},"https://trusted-partner.com/page",[1050,8746,2701],{"class":1613},[1050,8748,8749],{"class":1052,"line":1693},[1050,8750,6314],{"class":1063},[1050,8752,8753,8755,8757,8759,8761,8763,8765,8767,8769,8771],{"class":1052,"line":1698},[1050,8754,2038],{"class":1154},[1050,8756,2041],{"class":1063},[1050,8758,8252],{"class":2087},[1050,8760,2019],{"class":1063},[1050,8762,8257],{"class":2087},[1050,8764,2041],{"class":1063},[1050,8766,8683],{"class":2044},[1050,8768,2026],{"class":1063},[1050,8770,1287],{"class":1169},[1050,8772,2095],{"class":1063},[1050,8774,8775],{"class":1052,"line":1704},[1050,8776,1256],{"class":1110},[1050,8778,8779],{"class":1052,"line":1713},[1050,8780,8781],{"class":1056},"        # Test with untrusted 
referrer\n",[1050,8783,8784,8786,8788,8790,8792,8794,8796,8798],{"class":1052,"line":3594},[1050,8785,2077],{"class":1110},[1050,8787,1610],{"class":1063},[1050,8789,2082],{"class":1154},[1050,8791,2041],{"class":1063},[1050,8793,8169],{"class":2044},[1050,8795,2041],{"class":1063},[1050,8797,2122],{"class":2087},[1050,8799,6161],{"class":1063},[1050,8801,8802,8804,8806,8808,8810,8812],{"class":1052,"line":3607},[1050,8803,8722],{"class":2087},[1050,8805,2019],{"class":1063},[1050,8807,1900],{"class":1613},[1050,8809,8662],{"class":1617},[1050,8811,1900],{"class":1613},[1050,8813,6206],{"class":1063},[1050,8815,8816,8818,8820,8822,8825],{"class":1052,"line":3612},[1050,8817,8737],{"class":2650},[1050,8819,1610],{"class":1063},[1050,8821,1900],{"class":1613},[1050,8823,8824],{"class":1617},"https://malicious-site.com/attack",[1050,8826,2701],{"class":1613},[1050,8828,8829],{"class":1052,"line":3618},[1050,8830,6314],{"class":1063},[1050,8832,8833,8835,8837,8839,8841,8843,8845,8847,8849,8851],{"class":1052,"line":3629},[1050,8834,2038],{"class":1154},[1050,8836,2041],{"class":1063},[1050,8838,8252],{"class":2087},[1050,8840,2019],{"class":1063},[1050,8842,8257],{"class":2087},[1050,8844,2041],{"class":1063},[1050,8846,8683],{"class":2044},[1050,8848,2026],{"class":1063},[1050,8850,8688],{"class":1169},[1050,8852,2095],{"class":1063},[1050,8854,8855],{"class":1052,"line":3634},[1050,8856,1741],{"emptyLinePlaceholder":1740},[1050,8858,8859,8861,8864,8866,8868],{"class":1052,"line":3640},[1050,8860,1983],{"class":1982},[1050,8862,8863],{"class":1986}," ClickjackingDetectionTests",[1050,8865,2019],{"class":1063},[1050,8867,8132],{"class":2674},[1050,8869,2033],{"class":1063},[1050,8871,8872,8874,8877],{"class":1052,"line":3646},[1050,8873,1996],{"class":1995},[1050,8875,8876],{"class":1999},"Test clickjacking detection 
mechanisms",[1050,8878,2003],{"class":1995},[1050,8880,8881],{"class":1052,"line":3651},[1050,8882,1590],{"class":1110},[1050,8884,8885,8887,8890,8892,8894],{"class":1052,"line":3657},[1050,8886,2012],{"class":1982},[1050,8888,8889],{"class":2300}," test_suspicious_referrer_detection",[1050,8891,2019],{"class":1063},[1050,8893,2023],{"class":2022},[1050,8895,2033],{"class":1063},[1050,8897,8898,8900,8903],{"class":1052,"line":3666},[1050,8899,3125],{"class":1995},[1050,8901,8902],{"class":1999},"Test detection of suspicious referrers",[1050,8904,2003],{"class":1995},[1050,8906,8907],{"class":1052,"line":3678},[1050,8908,1256],{"class":1110},[1050,8910,8911,8914,8916,8918,8921,8923,8925,8927,8929,8931,8934,8936,8938,8941,8943,8945,8948,8951],{"class":1052,"line":3683},[1050,8912,8913],{"class":2109},"        with",[1050,8915,2082],{"class":1154},[1050,8917,2041],{"class":1063},[1050,8919,8920],{"class":2087},"assertLogs",[1050,8922,2019],{"class":1063},[1050,8924,1900],{"class":1613},[1050,8926,5561],{"class":1617},[1050,8928,1900],{"class":1613},[1050,8930,2026],{"class":1063},[1050,8932,8933],{"class":2650}," level",[1050,8935,1610],{"class":1063},[1050,8937,1900],{"class":1613},[1050,8939,8940],{"class":1617},"WARNING",[1050,8942,1900],{"class":1613},[1050,8944,3413],{"class":1063},[1050,8946,8947],{"class":2109}," as",[1050,8949,8950],{"class":1110}," cm",[1050,8952,1990],{"class":1063},[1050,8954,8955,8957,8959,8961,8963,8965,8967,8969],{"class":1052,"line":3688},[1050,8956,4064],{"class":1110},[1050,8958,1610],{"class":1063},[1050,8960,2082],{"class":1154},[1050,8962,2041],{"class":1063},[1050,8964,8169],{"class":2044},[1050,8966,2041],{"class":1063},[1050,8968,2122],{"class":2087},[1050,8970,6161],{"class":1063},[1050,8972,8973,8976,8978,8980,8983,8985],{"class":1052,"line":3693},[1050,8974,8975],{"class":2087},"                
reverse",[1050,8977,2019],{"class":1063},[1050,8979,1900],{"class":1613},[1050,8981,8982],{"class":1617},"sensitive_view",[1050,8984,1900],{"class":1613},[1050,8986,6206],{"class":1063},[1050,8988,8989,8992,8994,8996,8999],{"class":1052,"line":3699},[1050,8990,8991],{"class":2650},"                HTTP_REFERER",[1050,8993,1610],{"class":1063},[1050,8995,1900],{"class":1613},[1050,8997,8998],{"class":1617},"https://suspicious-site.com/frame-page",[1050,9000,2701],{"class":1613},[1050,9002,9003],{"class":1052,"line":3722},[1050,9004,9005],{"class":1063},"            )\n",[1050,9007,9008],{"class":1052,"line":3728},[1050,9009,1256],{"class":1110},[1050,9011,9012,9014,9016,9018,9020,9022,9024,9026,9028,9030,9032,9035,9037,9040],{"class":1052,"line":5280},[1050,9013,2038],{"class":1154},[1050,9015,2041],{"class":1063},[1050,9017,8473],{"class":2087},[1050,9019,2019],{"class":1063},[1050,9021,1900],{"class":1613},[1050,9023,6168],{"class":1617},[1050,9025,1900],{"class":1613},[1050,9027,2026],{"class":1063},[1050,9029,8950],{"class":2087},[1050,9031,2041],{"class":1063},[1050,9033,9034],{"class":2044},"output",[1050,9036,2141],{"class":1063},[1050,9038,9039],{"class":1169},"0",[1050,9041,9042],{"class":1063},"])\n",[1050,9044,9045],{"class":1052,"line":5292},[1050,9046,1590],{"class":1110},[1050,9048,9049,9051,9054,9056,9058],{"class":1052,"line":5297},[1050,9050,2012],{"class":1982},[1050,9052,9053],{"class":2300}," test_framing_attempt_detection",[1050,9055,2019],{"class":1063},[1050,9057,2023],{"class":2022},[1050,9059,2033],{"class":1063},[1050,9061,9062,9064,9067],{"class":1052,"line":5303},[1050,9063,3125],{"class":1995},[1050,9065,9066],{"class":1999},"Test detection of framing 
attempts",[1050,9068,2003],{"class":1995},[1050,9070,9071],{"class":1052,"line":5314},[1050,9072,1256],{"class":1110},[1050,9074,9075,9077,9079,9081,9083,9085,9087,9089,9091,9093,9095,9097,9099,9101,9103,9105,9107,9109],{"class":1052,"line":5348},[1050,9076,8913],{"class":2109},[1050,9078,2082],{"class":1154},[1050,9080,2041],{"class":1063},[1050,9082,8920],{"class":2087},[1050,9084,2019],{"class":1063},[1050,9086,1900],{"class":1613},[1050,9088,5561],{"class":1617},[1050,9090,1900],{"class":1613},[1050,9092,2026],{"class":1063},[1050,9094,8933],{"class":2650},[1050,9096,1610],{"class":1063},[1050,9098,1900],{"class":1613},[1050,9100,8940],{"class":1617},[1050,9102,1900],{"class":1613},[1050,9104,3413],{"class":1063},[1050,9106,8947],{"class":2109},[1050,9108,8950],{"class":1110},[1050,9110,1990],{"class":1063},[1050,9112,9113,9115,9117,9119,9121,9123,9125,9127],{"class":1052,"line":5392},[1050,9114,4064],{"class":1110},[1050,9116,1610],{"class":1063},[1050,9118,2082],{"class":1154},[1050,9120,2041],{"class":1063},[1050,9122,8169],{"class":2044},[1050,9124,2041],{"class":1063},[1050,9126,2122],{"class":2087},[1050,9128,6161],{"class":1063},[1050,9130,9131,9133,9135,9137,9139,9141],{"class":1052,"line":5421},[1050,9132,8975],{"class":2087},[1050,9134,2019],{"class":1063},[1050,9136,1900],{"class":1613},[1050,9138,8982],{"class":1617},[1050,9140,1900],{"class":1613},[1050,9142,6206],{"class":1063},[1050,9144,9145,9148,9150,9152,9154],{"class":1052,"line":5454},[1050,9146,9147],{"class":2650},"                
HTTP_SEC_FETCH_DEST",[1050,9149,1610],{"class":1063},[1050,9151,1900],{"class":1613},[1050,9153,1649],{"class":1617},[1050,9155,2701],{"class":1613},[1050,9157,9158],{"class":1052,"line":5483},[1050,9159,9005],{"class":1063},[1050,9161,9162],{"class":1052,"line":5488},[1050,9163,1256],{"class":1110},[1050,9165,9166,9168,9170,9172,9174,9176,9179,9181,9183,9185,9187,9189,9191,9193],{"class":1052,"line":5493},[1050,9167,2038],{"class":1154},[1050,9169,2041],{"class":1063},[1050,9171,8473],{"class":2087},[1050,9173,2019],{"class":1063},[1050,9175,1900],{"class":1613},[1050,9177,9178],{"class":1617},"Potential clickjacking attempt",[1050,9180,1900],{"class":1613},[1050,9182,2026],{"class":1063},[1050,9184,8950],{"class":2087},[1050,9186,2041],{"class":1063},[1050,9188,9034],{"class":2044},[1050,9190,2141],{"class":1063},[1050,9192,9039],{"class":1169},[1050,9194,9042],{"class":1063},[1030,9196,9198],{"id":9197},"best-practices-summary","Best Practices Summary",[1035,9200,9202],{"id":9201},"protection-strategies","Protection Strategies",[9204,9205,9206,9210,9213,9216],"ul",{},[9207,9208,9209],"li",{},"Use X-Frame-Options: DENY for sensitive pages",[9207,9211,9212],{},"Implement CSP frame-ancestors for modern browsers",[9207,9214,9215],{},"Add JavaScript frame busting only as a fallback for legacy browsers; the framing page can disable it, so the X-Frame-Options and CSP frame-ancestors response headers remain the primary control",[9207,9217,9218],{},"Validate embedding context for legitimate widgets",[1035,9220,9222],{"id":9221},"configuration-guidelines","Configuration Guidelines",[9204,9224,9225,9228,9231,9234],{},[9207,9226,9227],{},"Set X_FRAME_OPTIONS = 'DENY' as default",[9207,9229,9230],{},"Use SAMEORIGIN only when necessary for legitimate embedding",[9207,9232,9233],{},"Implement CSP policies with appropriate frame-ancestors",[9207,9235,9236],{},"Monitor and log potential clickjacking attempts",[1035,9238,9240],{"id":9239},"development-practices","Development Practices",[9204,9242,9243,9246,9249,9252],{},[9207,9244,9245],{},"Test all sensitive actions for clickjacking 
vulnerability",[9207,9247,9248],{},"Implement proper referrer validation for embeddable content, treating the Referer header as an advisory signal only (clients can omit or strip it) and enforcing the allowed embedders with CSP frame-ancestors",[9207,9250,9251],{},"Use secure coding practices for iframe content",[9207,9253,9254],{},"Conduct regular security audits and penetration testing",[1035,9256,9258],{"id":9257},"monitoring-and-response","Monitoring and Response",[9204,9260,9261,9264,9267,9270],{},[9207,9262,9263],{},"Log all framing attempts and suspicious referrers",[9207,9265,9266],{},"Monitor for unusual iframe-related traffic patterns",[9207,9268,9269],{},"Implement alerting for potential clickjacking attacks",[9207,9271,9272],{},"Regularly review embedding policies and trusted domains",[1030,9274,9276],{"id":9275},"next-steps","Next Steps",[1026,9278,9279],{},"Now that you understand clickjacking protection, let's explore HTTPS setup and HTTP Strict Transport Security (HSTS) to ensure secure communications in Django applications.",[1126,9281,9282],{},"html pre.shiki code .s9Tkl, html code.shiki .s9Tkl{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#A0ADA0;--shiki-default-font-style:inherit;--shiki-dark:#758575DD;--shiki-dark-font-style:inherit}html pre.shiki code .soVBu, html code.shiki .soVBu{--shiki-light:#39ADB5;--shiki-default:#999999;--shiki-dark:#666666}html pre.shiki code .sJFLg, html code.shiki .sJFLg{--shiki-light:#E53935;--shiki-default:#1E754F;--shiki-dark:#4D9375}html pre.shiki code .s5q8q, html code.shiki .s5q8q{--shiki-light:#9C3EDA;--shiki-default:#B07D48;--shiki-dark:#BD976A}html pre.shiki code .sftqT, html code.shiki .sftqT{--shiki-light:#90A4AE;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .sKL33, html code.shiki .sKL33{--shiki-light:#E2931D;--shiki-default:#B07D48;--shiki-dark:#BD976A}html pre.shiki code .s5HLA, html code.shiki .s5HLA{--shiki-light:#8796B0;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .se3Ec, html code.shiki .se3Ec{--shiki-light:#90A4AE;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .s7CZa, 
html code.shiki .s7CZa{--shiki-light:#F76D47;--shiki-default:#2F798A;--shiki-dark:#4C9A91}html pre.shiki code .sQBxk, html code.shiki .sQBxk{--shiki-light:#F76D47;--shiki-default:#AB5959;--shiki-dark:#CB7676}html pre.shiki code .sbYkP, html code.shiki .sbYkP{--shiki-light:#39ADB5;--shiki-default:#B5695977;--shiki-dark:#C98A7D77}html pre.shiki code .sTbE_, html code.shiki .sTbE_{--shiki-light:#91B859;--shiki-default:#B56959;--shiki-dark:#C98A7D}html pre.shiki code .sHnae, html code.shiki .sHnae{--shiki-light:#39ADB5;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .s5Kfy, html code.shiki 
.s5Kfy{--shiki-light:#9C3EDA;--shiki-default:#AB5959;--shiki-dark:#CB7676}html pre.shiki code .sD-vU, html code.shiki .sD-vU{--shiki-light:#E2931D;--shiki-default:#2E8F82;--shiki-dark:#5DA994}html pre.shiki code .sm7ve, html code.shiki .sm7ve{--shiki-light:#39ADB5;--shiki-light-font-style:italic;--shiki-default:#B5695977;--shiki-default-font-style:inherit;--shiki-dark:#C98A7D77;--shiki-dark-font-style:inherit}html pre.shiki code .sVyVU, html code.shiki .sVyVU{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#B56959;--shiki-default-font-style:inherit;--shiki-dark:#C98A7D;--shiki-dark-font-style:inherit}html pre.shiki code .sJdAF, html code.shiki .sJdAF{--shiki-light:#6182B8;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .sRjD_, html code.shiki .sRjD_{--shiki-light:#E53935;--shiki-light-font-style:italic;--shiki-default:#393A34;--shiki-default-font-style:inherit;--shiki-dark:#DBD7CAEE;--shiki-dark-font-style:inherit}html pre.shiki code .sCyAa, html code.shiki .sCyAa{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#393A34;--shiki-default-font-style:inherit;--shiki-dark:#DBD7CAEE;--shiki-dark-font-style:inherit}html pre.shiki code .sBPpx, html code.shiki .sBPpx{--shiki-light:#E53935;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .siWMO, html code.shiki .siWMO{--shiki-light:#6182B8;--shiki-default:#393A34;--shiki-dark:#DBD7CAEE}html pre.shiki code .siDh9, html code.shiki .siDh9{--shiki-light:#39ADB5;--shiki-light-font-style:italic;--shiki-default:#1E754F;--shiki-default-font-style:inherit;--shiki-dark:#4D9375;--shiki-dark-font-style:inherit}html pre.shiki code .sVsLi, html code.shiki .sVsLi{--shiki-light:#39ADB5;--shiki-default:#AB5959;--shiki-dark:#CB7676}html pre.shiki code .sFGJz, html code.shiki .sFGJz{--shiki-light:#E53935;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .sljsM, html code.shiki 
.sljsM{--shiki-light:#6182B8;--shiki-default:#59873A;--shiki-dark:#80A665}html pre.shiki code .sqOPj, html code.shiki .sqOPj{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#B07D48;--shiki-default-font-style:inherit;--shiki-dark:#BD976A;--shiki-dark-font-style:inherit}html pre.shiki code .sYn-s, html code.shiki .sYn-s{--shiki-light:#E2931D;--shiki-default:#59873A;--shiki-dark:#80A665}html pre.shiki code .sa2tF, html code.shiki .sa2tF{--shiki-light:#E2931D;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .s3h35, html code.shiki .s3h35{--shiki-light:#F76D47;--shiki-default:#A65E2B;--shiki-dark:#C99076}html pre.shiki code .snCua, html code.shiki .snCua{--shiki-light:#90A4AE;--shiki-default:#999999;--shiki-dark:#666666}html pre.shiki code .sLdnO, html code.shiki .sLdnO{--shiki-light:#E53935;--shiki-default:#999999;--shiki-dark:#666666}html pre.shiki code .sSC40, html code.shiki .sSC40{--shiki-light:#90A4AE;--shiki-default:#B07D48;--shiki-dark:#BD976A}html pre.shiki code .sq3J1, html code.shiki .sq3J1{--shiki-light:#FF5370;--shiki-default:#1E754F;--shiki-dark:#4D9375}html pre.shiki code .suXOh, html code.shiki .suXOh{--shiki-light:#E53935;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .sQtxO, html code.shiki .sQtxO{--shiki-light:#E53935;--shiki-default:#B56959;--shiki-dark:#C98A7D}html pre.shiki code .s131V, html code.shiki .s131V{--shiki-light:#90A4AE;--shiki-default:#998418;--shiki-dark:#B8A965}html pre.shiki code .s8XtY, html code.shiki 
.s8XtY{--shiki-light:#39ADB5;--shiki-default:#1E754F;--shiki-dark:#4D9375}",{"title":1045,"searchDepth":1053,"depth":1060,"links":9284},[9285,9289,9294,9298,9302,9306,9309,9315],{"id":1032,"depth":1060,"text":1033,"children":9286},[9287,9288],{"id":1037,"depth":1078,"text":1038},{"id":1722,"depth":1078,"text":1723},{"id":1860,"depth":1060,"text":1861,"children":9290},[9291,9292,9293],{"id":1864,"depth":1078,"text":1865},{"id":1962,"depth":1078,"text":1963},{"id":2225,"depth":1078,"text":2226},{"id":2933,"depth":1060,"text":2934,"children":9295},[9296,9297],{"id":2937,"depth":1078,"text":2938},{"id":3734,"depth":1078,"text":3735},{"id":4421,"depth":1060,"text":4422,"children":9299},[9300,9301],{"id":4425,"depth":1078,"text":4426},{"id":5517,"depth":1078,"text":5518},{"id":6640,"depth":1060,"text":6641,"children":9303},[9304,9305],{"id":6644,"depth":1078,"text":6645},{"id":7173,"depth":1078,"text":7174},{"id":8064,"depth":1060,"text":8065,"children":9307},[9308],{"id":8068,"depth":1078,"text":8069},{"id":9197,"depth":1060,"text":9198,"children":9310},[9311,9312,9313,9314],{"id":9201,"depth":1078,"text":9202},{"id":9221,"depth":1078,"text":9222},{"id":9239,"depth":1078,"text":9240},{"id":9257,"depth":1078,"text":9258},{"id":9275,"depth":1060,"text":9276},"md",null,{},{"title":563,"description":1028},"P1C_A-KXFn7KwKxncT-3XEaFbCjVvDjqvT8GmSpyRXM",[9322,9324],{"title":559,"path":560,"stem":561,"description":9323,"children":-1},"SQL injection is one of the most dangerous web application vulnerabilities, allowing attackers to manipulate database queries and potentially access, modify, or delete sensitive data. Django's ORM provides robust protection against SQL injection attacks through parameterized queries and safe query construction; that protection does not extend to raw SQL assembled with string formatting (for example in raw(), extra() or cursor.execute()), where values must still be passed as query parameters.",{"title":567,"path":568,"stem":569,"description":9325,"children":-1},"HTTPS (HTTP Secure) is essential for protecting data in transit and ensuring the integrity and confidentiality of communications between clients and servers. This chapter covers implementing HTTPS in Django applications and configuring HTTP Strict Transport Security (HSTS) for enhanced security.",1772474939177]