#19679: Default "settings.py" does not adequately describe "SECRET_KEY" --------------------------------------------+------------------------------ Reporter: retail79174@… | Owner: nobody Type: Uncategorized | Status: new Component: Core (Management commands) | Version: 1.4 Severity: Normal | Keywords: settings secret Triage Stage: Unreviewed | key Easy pickings: 1 | Has patch: 1 | UI/UX: 0 --------------------------------------------+------------------------------ In Django 1.3.4, after creating a project, the file "settings.py" contains the comment # Make this unique, and don't share it with anybody. for "SECRET_KEY". This is not clear for several reasons:
1. It implies that the Django administrator has to do something to make it unique, 2. Does not describe if and when it should ever be edited, and 3. "don't share it" is ambiguous, especially for non-native English speakers. The message should be changed to something like: # This secret key was randomly-generated when you created your project; it is # used for session encryption among other things. Do not change it unless you # need to share session information among multiple Django sites. Make sure # to protect it from being read by outsiders, or your site security may be # compromised. -- Ticket URL: <https://code.djangoproject.com/ticket/19679> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.