Opened 10 years ago

Closed 10 years ago

Last modified 8 years ago

#95 closed defect (fixed)

Encourage people to change the TAMPER_SECRET

Reported by: Simon Willison Owned by: adrian
Component: Core (Other) Version:
Severity: normal Keywords:
Cc: Triage Stage: Design decision needed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

TAMPER_SECRET in source:django/trunk/django/middleware/admin.py#3 should be unique (and secret) for every deployed Django application. This needs to be mentioned in the documentation. The constant should probably be moved to settings.py rather than living in the middleware module.

Change History (1)

comment:1 Changed 10 years ago by adrian

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in [230]. Thanks, Simon!

Note: See TracTickets for help on using tickets.
Back to Top