Opened 12 years ago

Closed 12 years ago

Last modified 7 years ago

#3195 closed enhancement (fixed)

[patch] Documenting HIDDEN_SETTINGS

Reported by: cmgreen@… Owned by: Jacob
Component: Documentation Version: master
Severity: normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description (last modified by Adrian Holovaty)

The HIDDEN_SETTINGS came in useful for a project where I was using REMOTE_USER_PASSWD and had the debug output pop up in a demo. If I had used PASSWORD, I would have not had that issue ;)

  --- docs/settings.txt   (revision 4248)
  +++ docs/settings.txt   (working copy)
  @@ -328,6 +328,13 @@

  A boolean that turns on/off debug mode.

  +If you define custom settings, django/views/ has a
  +HIDDEN_SETTINGS regular expression which will hide from the DEBUG view
  +anything that matches ``'SECRET|PASSWORD|PROFANITIES_LIST'``.  Using this setting
  +allows untrusted users to be able to give backtraces without seeing
  +sensitive settings.

Attachments (1)

django-hiddensettings.patch (579 bytes) - added by cmgreen@… 12 years ago.
possible patch for hidden settings documentation

Download all attachments as: .zip

Change History (7)

Changed 12 years ago by cmgreen@…

Attachment: django-hiddensettings.patch added

possible patch for hidden settings documentation

comment:1 Changed 12 years ago by Chris Beaven

Summary: Documenting HIDDEN_SETTINGS[patch] Documenting HIDDEN_SETTINGS

comment:2 Changed 12 years ago by Simon G. <dev@…>

Triage Stage: UnreviewedReady for checkin

comment:3 Changed 12 years ago by Adrian Holovaty

Description: modified (diff)

Fixed formatting in description.

comment:4 Changed 12 years ago by Adrian Holovaty

Patch needs improvement: set
Triage Stage: Ready for checkinAccepted

The patch puts the documentation in the section devoted to the DEBUG setting. I think this isn't the best place for it. Better would be to have a full section of documentation (probably in a separate document) that is devoted to the debug page itself.

comment:5 Changed 12 years ago by Jacob

Resolution: fixed
Status: newclosed

(In [4620]) Fixed #3195: added a note in settings.txt about DEBUG and HIDDEN_SETTINGS. Thanks, cmgreen@…

comment:6 Changed 7 years ago by anonymous

Easy pickings: unset
UI/UX: unset

In addition, shouldn't this be configurable in

Note: See TracTickets for help on using tickets.
Back to Top