Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #13624: added SIGNATURE to the list of settings to hide on debu…

…g pages.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13315 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 2311bcbd016783d20a64b0b4d745318af0a1c0dd 1 parent 3180f93
Jacob Kaplan-Moss authored May 28, 2010
2  django/views/debug.py
@@ -12,7 +12,7 @@
12 12
 from django.utils.encoding import smart_unicode, smart_str
13 13
 
14 14
 
15  
-HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST')
  15
+HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST|SIGNATURE')
16 16
 
17 17
 def linebreak_iter(template_source):
18 18
     yield 0
5  docs/ref/settings.txt
@@ -494,8 +494,9 @@ A boolean that turns on/off debug mode.
494 494
 
495 495
 If you define custom settings, `django/views/debug.py`_ has a ``HIDDEN_SETTINGS``
496 496
 regular expression which will hide from the DEBUG view anything that contains
497  
-``'SECRET'``, ``'PASSWORD'``, or ``'PROFANITIES'``. This allows untrusted users to
498  
-be able to give backtraces without seeing sensitive (or offensive) settings.
  497
+``'SECRET'``, ``'PASSWORD'``, ``'PROFANITIES'``, or ``'SIGNATURE'``. This allows
  498
+untrusted users to be able to give backtraces without seeing sensitive (or
  499
+offensive) settings.
499 500
 
500 501
 Still, note that there are always going to be sections of your debug output that
501 502
 are inappropriate for public consumption. File paths, configuration options, and

0 notes on commit 2311bcb

Please sign in to comment.
Something went wrong with that request. Please try again.