Configurable hidden settings in debug mode

[munderwood@…]

Hi all,

I've ran into the case where I have a settings variable in settings.py that I would like to have displayed starred out or hidden when in debug mode, like the databases PASSWORD variable. It appears that if its name contains SECRET, PASSWORD, PROFANITIES_LIST or SIGNATURE then the debug view will hide it, but anything else it wont.

It would be nice from a user point of view to be able to add to this list of hidden keywords to hide specific things that dont fall under these four keywords.

Cheers

Mark

[Julien Phalip]

This is currently controlled by the HIDDEN_SETTINGS variable in source:django/trunk/django/views/debug.py#L18 as described in ​https://docs.djangoproject.com/en/dev/ref/settings/#debug and introduced in [1242].

However, there is no easy way for the developer to override this value. Perhaps a new global settings should be added.

[anonymous]

I think something along those lines would be appropriate

[Jacob]

I'm fairly sure this is a duplicate of another ticket involving more granular controls of what's hidden and not, but I can't find it now. Marking accepted, but potential patch writers beware: I will not accept a patch that solves this simply by introducing Yet Another Setting. Let's find a more elegant approach, please.

[Jochem]

I can't really think of a nice solution that doesn't involve Yet Another Setting™. In my opinion, if you want to keep the values for certain variables secret, just prefix their names with 'SECRET_'.