NOOB exposes CSRF token. Now what?

2015-09-25 Thread Gordon Reeder
I'm learning Django and still very new at it. And like a newbie, I may have made a newbie goof. I have leaked my CSRF token. I am building up a web site with Django which I have under revision control with Git. I have pushed two commits of the project out to Github. The commits included the sett

Re: NOOB exposes CSRF token. Now what?

2015-09-25 Thread Gergely Polonkai
Hello, you may force-push a new commit that removes the settings file from the GitHub repo, but if you are really paranoid, you may want to change your CSRF token in production immediately. It may cause some temporary annoyance to your users, but nothing long-term. Best, Gergely 2015-09-25 8:03

Re: NOOB exposes CSRF token. Now what?

2015-09-25 Thread 'Tom Evans' via Django users
On Fri, Sep 25, 2015 at 7:03 AM, Gordon Reeder wrote:
> I'm learning Django and still very new at it. And like a newbie, I may have
> made a newbie goof.
> I have leaked my CSRF token.
> I am building up a web site with Django which I have under revision control
> with Git. I have pushed two commi

Re: NOOB exposes CSRF token. Now what?

2015-09-25 Thread 'Tom Evans' via Django users
On Fri, Sep 25, 2015 at 12:01 PM, Tom Evans wrote:
> However, what is stored in settings is your SECRET_KEY. If you have
> leaked it, you should change it immediately. This will invalidate..
Helpfully, the Django documentation for SECRET_KEY details precisely what cycling it will invalidate, so y

[Off list] NOOB exposes CSRF token. Now what?

2015-09-25 Thread Mike Dewhirst
Gordon As others have said, you need to keep such stuff out of your repo. For that I wrote a little file parser called getcreds.py (see below) to read plain text files and retrieve the necessary info for settings. e.g., from my settings.py ... # keep all credentials in separate fname files in

Re: Create a view form capable of saving data into models through FK

2015-09-25 Thread Elorm Koku
Thanks Gergely, you just ended three days of misery. -- Agbeko Frank +233 0243 013 730

Modify image before it's handled by stdimage

2015-09-25 Thread Mark
I'm using django-stdimage for creating variations of the image.
class Photo(models.Model):
    photo = StdImageField(upload_to='photos', verbose_name=_("photo"),
                          variations={'large': (600, 600), 'thumbnail': (100, 100)})
StdImageField does its own operations on the image

Re: E-commerce

2015-09-25 Thread Paul Savignano
Thanks luisza14!
On Thursday, September 24, 2015 at 1:30:46 PM UTC-7, luisza14 wrote:
>
> http://oscarcommerce.com/
>
> or https://www.djangopackages.com/grids/g/ecommerce/
>
> 2015-09-24 13:42 GMT-06:00 Paul Savignano :
>
>> Hi Django-users,
>> I am somewhat new to Django and have a client int