Add --deploy option to check management command
|Reported by:||carljm||Owned by:||timgraham|
|Component:||Core (Management commands)||Version:||master|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
There has been discussion of integrating something similar to django-secure into Django core, to help users check some common deployment mis-configurations. We probably want to use a name like "checkdeploy" rather than "checksecure", both to allow for a broader range of checks to be included, and to avoid giving users a false sense that a successful runs means their code is secure.
This would include checking SESSION_COOKIE_SECURE, SESSION_COOKIE_HTTPONLY, X_FRAME_OPTIONS (and the middleware); these are all things which django-secure currently checks.
It could also include checking for common python path issues, existence of 500/404 templates (if you're using the default 404/500 handlers)...
And of course it should be pluggable so third-party apps can provide additional checks that users can include (and users should be able to disable built-in checks if they determine it doesn't apply to them for whatever reason).
Change History (4)
comment:2 Changed 12 months ago by timgraham
- Has patch set
- Owner changed from nobody to timgraham
- Patch needs improvement set
- Status changed from new to assigned
- Version changed from 1.3 to master
comment:3 Changed 12 months ago by timgraham
- Patch needs improvement unset
- Summary changed from Add "checkdeploy" management command to Add --deploy option to check management command