diff options
| author | Aymeric Augustin <aymeric.augustin@m4x.org> | 2012-03-01 21:38:45 +0000 |
|---|---|---|
| committer | Aymeric Augustin <aymeric.augustin@m4x.org> | 2012-03-01 21:38:45 +0000 |
| commit | 45570580839ce2e4e4674b42375dbc1300f91f14 (patch) | |
| tree | 9095670a55a888f4363a98a2da0948c8d0972cc0 | |
| parent | d0f162c73c35b304e1cf9a8133b3a8f54fd3f740 (diff) | |
Fixed #17800 -- Prevented Django from starting without a SECRET_KEY, since that opens a variety of security problems. Thanks PaulM for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17611 bcc190cf-cafb-0310-a4f2-bffc1f526a37
| -rw-r--r-- | django/conf/__init__.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/django/conf/__init__.py b/django/conf/__init__.py index 97f26e9aa3..c887890a0c 100644 --- a/django/conf/__init__.py +++ b/django/conf/__init__.py @@ -106,6 +106,9 @@ class Settings(BaseSettings): setting_value = (setting_value,) # In case the user forgot the comma. setattr(self, setting, setting_value) + if not self.SECRET_KEY: + raise ValueError("The SECRET_KEY setting mustn't be empty.") + if hasattr(time, 'tzset') and self.TIME_ZONE: # When we can, attempt to validate the timezone. If we can't find # this file, no check happens and it's harmless. |
