Add --deploy option to check management command
|Reported by:||Carl Meyer||Owned by:||Tim Graham|
|Component:||Core (Management commands)||Version:||master|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
There has been discussion of integrating something similar to django-secure into Django core, to help users check some common deployment mis-configurations. We probably want to use a name like "checkdeploy" rather than "checksecure", both to allow for a broader range of checks to be included, and to avoid giving users a false sense that a successful runs means their code is secure.
This would include checking SESSION_COOKIE_SECURE, SESSION_COOKIE_HTTPONLY, X_FRAME_OPTIONS (and the middleware); these are all things which django-secure currently checks.
It could also include checking for common python path issues, existence of 500/404 templates (if you're using the default 404/500 handlers)...
And of course it should be pluggable so third-party apps can provide additional checks that users can include (and users should be able to disable built-in checks if they determine it doesn't apply to them for whatever reason).
Change History (4)
comment:2 Changed 3 years ago by
|Owner:||changed from nobody to Tim Graham|
|Patch needs improvement:||set|
|Status:||new → assigned|
|Version:||1.3 → master|
comment:3 Changed 3 years ago by
|Patch needs improvement:||unset|
|Summary:||Add "checkdeploy" management command → Add --deploy option to check management command|