#24994: Document/check that settings.SECRET_KEY should be a valid unicode string
-------------------------------------+-------------------------------------
Reporter: bmispelon | Owner: nobody
Type: | Status: new
Cleanup/optimization |
Component: Core (System | Version: 1.8
checks) |
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by timgraham):
Would it be correct to check that `force_text(SECRET_KEY)` and
`force_bytes(SECRET_KEY)` don't throw an exception? There's logic in
`django/conf/__init__.py` to verify that `SECRET_KEY` isn't an empty, so
maybe the check could be done there. On the other hand, it wouldn't be
nice to break sites that are functioning with keys that don't meet these
requirements. Did you find out how someone ended up with a broken key in
the first place?
--
Ticket URL: <https://code.djangoproject.com/ticket/24994#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/067.e385193c77e2dfa89f483faec0f3d348%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
