I'm not convinced that a system check promoting security by obscurity adds much value. The original poster wrote "sometimes it can be a security concern." Maybe that's the case (how so?) but for most sites I would say it's not. On Wednesday, November 18, 2020 at 7:33:47 AM UTC-5 Carles Pina Estany wrote:
> > Hi, > > On Nov/16/2020, Carles Pina i Estany wrote: > > > Either way: I'd be happy to write a django check to make sure that > > 'admin/' is not routed to admin. > > Regarding this check: this morning I've done a very preliminary/for fun > draft to play with. > > > https://github.com/cpina/django/commit/199c2fb26dc6b323195b8136bda596d1cc9857f1 > > I'm not sure what is the best way to check if /admin is routed to > django.contrib.admin. At the moment it's doing: > > resolve(admin_url)._func_path == 'django.contrib.admin.sites.index' > > Yes, I know! :-) > > I could also do something along the lines of: > resolve(admin_url).func.admin_site == admin.site > > This causes problems on the unit test side (need to import admin.site). > Still I don't really like it. > > Does anyone have any better suggestions or comments? (or code pointer). > Otherwise later on I'll have another look. > > Thank you very much, > > -- > Carles Pina i Estany > https://carles.pina.cat > -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/df485a53-2ad2-461f-95c8-f8f3857d67dbn%40googlegroups.com.
