Opened 18 years ago

Last modified 13 years ago

#3195 closed enhancement

[patch] Documenting HIDDEN_SETTINGS — at Version 3

Reported by: cmgreen@… Owned by: Jacob
Component: Documentation Version: dev
Severity: normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description (last modified by Adrian Holovaty)

The HIDDEN_SETTINGS came in useful for a project where I was using REMOTE_USER_PASSWD and had the debug output pop up in a demo. If I had used PASSWORD, I would have not had that issue ;)

  --- docs/settings.txt   (revision 4248)
  +++ docs/settings.txt   (working copy)
  @@ -328,6 +328,13 @@

  A boolean that turns on/off debug mode.

  +If you define custom settings, django/views/debug.py has a
  +HIDDEN_SETTINGS regular expression which will hide from the DEBUG view
  +anything that matches ``'SECRET|PASSWORD|PROFANITIES_LIST'``.  Using this setting
  +allows untrusted users to be able to give backtraces without seeing
  +sensitive settings.
  +
  +

Change History (4)

by cmgreen@…, 18 years ago

Attachment: django-hiddensettings.patch added

possible patch for hidden settings documentation

comment:1 by Chris Beaven, 18 years ago

Summary: Documenting HIDDEN_SETTINGS[patch] Documenting HIDDEN_SETTINGS

comment:2 by Simon G. <dev@…>, 18 years ago

Triage Stage: UnreviewedReady for checkin

comment:3 by Adrian Holovaty, 18 years ago

Description: modified (diff)

Fixed formatting in description.

Note: See TracTickets for help on using tickets.
Back to Top