From b7f500396e05cd1f0bb8901fce16e2d8393d2779 Mon Sep 17 00:00:00 2001 From: Artem Kosenko Date: Mon, 13 Jul 2020 20:40:38 +0300 Subject: Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenerated default keys. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews. --- tests/check_framework/test_security.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests/check_framework') diff --git a/tests/check_framework/test_security.py b/tests/check_framework/test_security.py index 270fece659..8225b99995 100644 --- a/tests/check_framework/test_security.py +++ b/tests/check_framework/test_security.py @@ -1,5 +1,6 @@ from django.conf import settings from django.core.checks.security import base, csrf, sessions +from django.core.management.utils import get_random_secret_key from django.test import SimpleTestCase from django.test.utils import override_settings @@ -394,6 +395,12 @@ class CheckSecretKeyTest(SimpleTestCase): def test_none_secret_key(self): self.assertEqual(base.check_secret_key(None), [base.W009]) + @override_settings( + SECRET_KEY=base.SECRET_KEY_INSECURE_PREFIX + get_random_secret_key() + ) + def test_insecure_secret_key(self): + self.assertEqual(base.check_secret_key(None), [base.W009]) + @override_settings(SECRET_KEY=('abcdefghijklmnopqrstuvwx' * 2) + 'a') def test_low_length_secret_key(self): self.assertEqual(len(settings.SECRET_KEY), base.SECRET_KEY_MIN_LENGTH - 1) -- cgit v1.3