Opened 19 years ago

Closed 19 years ago

Last modified 17 years ago

#95 closed defect (fixed)

Encourage people to change the TAMPER_SECRET

Reported by: Simon Willison Owned by: Adrian Holovaty
Component: Core (Other) Version:
Severity: normal Keywords:
Cc: Triage Stage: Design decision needed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

TAMPER_SECRET in source:django/trunk/django/middleware/admin.py#3 should be unique (and secret) for every deployed Django application. This needs to be mentioned in the documentation. The constant should probably be moved to settings.py rather than living in the middleware module.

Change History (1)

comment:1 by Adrian Holovaty, 19 years ago

Resolution: fixed
Status: newclosed

Fixed in [230]. Thanks, Simon!

Note: See TracTickets for help on using tickets.
Back to Top