Context Navigation

← Previous Ticket
Next Ticket →

#3195 closed enhancement (fixed)

[patch] Documenting HIDDEN_SETTINGS

Reported by:	cmgreen@…	Owned by:	Jacob
Component:	Documentation	Version:	dev
Severity:	normal	Keywords:
Cc:		Triage Stage:	Accepted
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	yes
Easy pickings:	no	UI/UX:	no

Description (last modified by Adrian Holovaty)

The HIDDEN_SETTINGS came in useful for a project where I was using REMOTE_USER_PASSWD and had the debug output pop up in a demo. If I had used PASSWORD, I would have not had that issue ;)

  --- docs/settings.txt   (revision 4248)
  +++ docs/settings.txt   (working copy)
  @@ -328,6 +328,13 @@

  A boolean that turns on/off debug mode.

  +If you define custom settings, django/views/debug.py has a
  +HIDDEN_SETTINGS regular expression which will hide from the DEBUG view
  +anything that matches ``'SECRET|PASSWORD|PROFANITIES_LIST'``.  Using this setting
  +allows untrusted users to be able to give backtraces without seeing
  +sensitive settings.
  +
  +

Attachments (1)

django-hiddensettings.patch (579 bytes ) - added by cmgreen@… 18 years ago.: possible patch for hidden settings documentation

Download all attachments as: .zip

Change History (7)

by cmgreen@…, 18 years ago

Attachment:	django-hiddensettings.patch added

possible patch for hidden settings documentation

comment:1 by Chris Beaven, 18 years ago

Summary:	Documenting HIDDEN_SETTINGS → [patch] Documenting HIDDEN_SETTINGS

comment:2 by Simon G. <dev@…>, 18 years ago

Triage Stage:	Unreviewed → Ready for checkin

comment:3 by Adrian Holovaty, 18 years ago

Description:	modified (diff)

Fixed formatting in description.

comment:4 by Adrian Holovaty, 18 years ago

Patch needs improvement:	set
Triage Stage:	Ready for checkin → Accepted

The patch puts the documentation in the section devoted to the DEBUG setting. I think this isn't the best place for it. Better would be to have a full section of documentation (probably in a separate document) that is devoted to the debug page itself.

comment:5 by Jacob, 18 years ago

Resolution:	→ fixed
Status:	new → closed

(In [4620]) Fixed #3195: added a note in settings.txt about DEBUG and HIDDEN_SETTINGS. Thanks, cmgreen@…

comment:6 by anonymous, 13 years ago

Easy pickings:	unset
UI/UX:	unset

In addition, shouldn't this be configurable in settings.py?

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues