Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #13624: added SIGNATURE to the list of settings to hide on debu…

…g pages.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13315 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 2311bcbd016783d20a64b0b4d745318af0a1c0dd 1 parent 3180f93
Jacob Kaplan-Moss jacobian authored
Showing with 4 additions and 3 deletions.
  1. +1 −1  django/views/debug.py
  2. +3 −2 docs/ref/settings.txt
2  django/views/debug.py
View
@@ -12,7 +12,7 @@
from django.utils.encoding import smart_unicode, smart_str
-HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST')
+HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST|SIGNATURE')
def linebreak_iter(template_source):
yield 0
5 docs/ref/settings.txt
View
@@ -494,8 +494,9 @@ A boolean that turns on/off debug mode.
If you define custom settings, `django/views/debug.py`_ has a ``HIDDEN_SETTINGS``
regular expression which will hide from the DEBUG view anything that contains
-``'SECRET'``, ``'PASSWORD'``, or ``'PROFANITIES'``. This allows untrusted users to
-be able to give backtraces without seeing sensitive (or offensive) settings.
+``'SECRET'``, ``'PASSWORD'``, ``'PROFANITIES'``, or ``'SIGNATURE'``. This allows
+untrusted users to be able to give backtraces without seeing sensitive (or
+offensive) settings.
Still, note that there are always going to be sections of your debug output that
are inappropriate for public consumption. File paths, configuration options, and
Please sign in to comment.
Something went wrong with that request. Please try again.