Thank you.
אורי
u...@speedy.net
On Fri, May 29, 2020 at 12:56 PM Sencer Hamarat
wrote:
> Hi Uri,
> Never expose whole settings anytime. settings is always includes sensitive
> data. At least DB access key and Django's secret value.
> This attitude is highly vulnerable. Anyone could access those
Hi Uri,
Never expose whole settings anytime. settings is always includes sensitive
data. At least DB access key and Django's secret value.
This attitude is highly vulnerable. Anyone could access those sensitive
data via response headers if you don't play settings without cautious.
Saygılarımla,
Se
Django users,
There was a discussion in Stack Overflow related to an answer of mine - how
to access settings from templates in Django [
https://stackoverflow.com/a/53953578/1412564]. And I would like to know -
is it generally unsafe to expose all my settings to templates and why?
Should I use the
3 matches
Mail list logo
