#35901: settings.DEBUG could reject non-empty string values (or in particular
"off", "no", "0", "disabled", "false", "False")
-----------------------------------+--------------------------------------
Reporter: Sebastian Pipping | Owner: (none)
Type: Uncategorized | Status: new
Component: Core (Other) | Version: dev
Severity: Normal | Resolution:
Keywords: security debug | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-----------------------------------+--------------------------------------
Comment (by Venkatesh S):
Thank you, Sebastian, for reporting this and for your detailed
explanation!
Our setup is handled this differently. However, I now see that, like many
projects, it could indeed be affected by unintended string evaluations if
values are drawn directly from .env files without parsing.
In our current Django configuration, we set DEBUG as a Boolean directly
rather than retrieving it from .env, which avoids this specific issue for
us.
Thank you!
--
Ticket URL: <https://code.djangoproject.com/ticket/35901#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/010701931712f88e-63875e45-3c75-41fd-8ace-4e69083eeb26-000000%40eu-central-1.amazonses.com.
