Ps3 Debug Settings


Jayme Chouinard

Aug 3, 2024, 11:23:25 AM
to pialilihe

A dictionary mapping "app_label.model_name" strings to functions that take a model object and return its URL. This is a way of inserting or overriding get_absolute_url() methods on a per-installation basis. Example:

A list of all the people who get code error notifications. When DEBUG=False and AdminEmailHandler is configured in LOGGING (done by default), Django emails these people the details of exceptions raised in the request/response cycle.

A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations.

The CACHES setting must configure a default cache; any number of additional caches may also be specified. If you are using a cache backend other than the local memory cache, or you need to define multiple caches, other options will be required. The following cache options are available.

The reason for setting a long-lived expiration time is to avoid problems in the case of a user closing a browser or bookmarking a page and then loading that page from a browser cache. Without persistent cookies, the form submission would fail in this case.

Some browsers (specifically Internet Explorer) can disallow the use of persistent cookies or can have the indexes to the cookie jar corrupted on disk, thereby causing CSRF protection checks to (sometimes intermittently) fail. Change this setting to None to use session-based CSRF cookies, which keep the cookies in-memory instead of on persistent storage.

The domain to be used when setting the CSRF cookie. This can be useful for easily allowing cross-subdomain requests to be excluded from the normal cross site request forgery protection. It should be set to a string such as ".example.com" to allow a POST request from a form on one subdomain to be accepted by a view served from another subdomain.

As with other HTTP headers in request.META, the header name received from the server is normalized by converting all characters to uppercase, replacing any hyphens with underscores, and adding an 'HTTP_' prefix to the name. For example, if your client sends a 'X-XSRF-TOKEN' header, the setting should be 'HTTP_X_XSRF_TOKEN'.

These checks prevent, for example, a POST request from subdomain.example.com from succeeding against api.example.com. If you need cross-origin unsafe requests, continuing the example, add ' ' to this list (and/or if requests originate from an insecure page).

A dictionary containing the settings for all databases to be used with Django. It is a nested dictionary whose contents map a database alias to a dictionary containing the options for an individual database.

When connecting to other database backends, such as MariaDB, MySQL, Oracle, or PostgreSQL, additional connection parameters will be required. See the ENGINE setting below on how to specify other database types. This example is for PostgreSQL:

If set to True, existing persistent database connections will be health checked before they are reused in each request performing database access. If the health check fails, the connection will be reestablished without failing the request when the connection is no longer usable but the database server is ready to accept and serve new connections (e.g. after database server restart closing existing connections).

This setting exists to allow for testing of primary/replica (referred to as master/slave by some databases) configurations of multiple databases. See the documentation on testing primary/replica configurations for details.

If the default value (None) is used with the SQLite database engine, the tests will use a memory resident database. For all other database engines the test database will use the name 'test_' + DATABASE_NAME.

The maximum size in bytes that a request body may be before a SuspiciousOperation (RequestDataTooBig) is raised. The check is done when accessing request.body or request.POST and is calculated against the total request size excluding any file upload data. You can set this to None to disable the check. Applications that are expected to receive unusually large form posts should tune this setting.

The maximum number of parameters that may be received via GET or POST before a SuspiciousOperation (TooManyFields) is raised. You can set this to None to disable the check. Applications that are expected to receive an unusually large number of form fields should tune this setting.

The maximum number of files that may be received via POST in a multipart/form-data encoded request before a SuspiciousOperation (TooManyFiles) is raised. You can set this to None to disable the check. Applications that are expected to receive an unusually large number of file fields should tune this setting.

The default formatting to use for displaying date fields in any part of the system. Note that the locale-dictated format has higher precedence and will be applied instead. See allowed date format strings.

The default formatting to use for displaying datetime fields in any part of the system. Note that the locale-dictated format has higher precedence and will be applied instead. See allowed date format strings.

One of the main features of debug mode is the display of detailed error pages. If your app raises an exception when DEBUG is True, Django will display a detailed traceback, including a lot of metadata about your environment, such as all the currently defined Django settings (from settings.py).

Still, note that there are always going to be sections of your debug output that are inappropriate for public consumption. File paths, configuration options and the like all give attackers extra information about your server.

This means that if you switch the value of DEFAULT_AUTO_FIELD and then generate migrations, the primary keys of the related models will be updated, as will the foreign keys from the through table, but the primary key of the auto-created through table will not be migrated.

Default email address for automated correspondence from the site manager(s). This address is used in the From: header of outgoing emails and can take any format valid in the chosen email sending protocol.

List of compiled regular expression objects representing User-Agent strings that are not allowed to visit any page, systemwide. Use this for bots/crawlers. This is only used if CommonMiddleware is installed (see Middleware).

Whether to use a TLS (secure) connection when talking to the SMTP server. This is used for explicit TLS connections, generally on port 587. If you are experiencing hanging connections, see the implicit TLS setting EMAIL_USE_SSL.

Whether to use an implicit TLS (secure) connection when talking to the SMTP server. In most email documentation this type of TLS connection is referred to as SSL. It is generally used on port 465. If you are experiencing problems, see the explicit TLS setting EMAIL_USE_TLS.

The directory to store data to (typically files larger than FILE_UPLOAD_MAX_MEMORY_SIZE) temporarily while uploading files. If None, Django will use the standard temporary directory for the operating system. For example, this will default to /tmp on *nix-style operating systems.

A number representing the first day of the week. This is especially useful when displaying a calendar. This value is only used when not using format internationalization, or when a format cannot be found for the current locale.

If not None, this will be used as the value of the SCRIPT_NAME environment variable in any HTTP request. This setting can be used to override the server-provided value of SCRIPT_NAME, which may be a rewritten version of the preferred value or not supplied at all. It is also used by django.setup() to set the URL resolver script prefix outside of the request/response cycle (e.g. in management commands and standalone scripts) to generate correct URLs when FORCE_SCRIPT_NAME is provided.

A full Python path to a Python package that contains custom format definitions for project locales. If not None, Django will check for a formats.py file, under the directory named as the current locale, and will use the formats defined in this file.

When Django searches for a certain format, it will go through all given Python paths until it finds a module that actually defines the given format. This means that formats defined in packages farther up in the list will take precedence over the same formats in packages farther down.

List of compiled regular expression objects describing URLs that should be ignored when reporting HTTP 404 errors via email (see How to manage error reporting). Regular expressions are matched against request's full paths (including query string, if any). Use this if your site does not provide a commonly requested file such as favicon.ico or robots.txt.

A string representing the language code for this installation. This should be in standard language ID format. For example, U.S. English is "en-us". See also the list of language identifiers and Internationalization and localization.

Be cautious when updating this setting on a production site. If you update this setting to enable cross-domain cookies on a site that previously used standard domain cookies, existing user cookies that have the old domain will not be updated. This will result in site users being unable to switch the language as long as these cookies persist. The only safe and reliable option to perform the switch is to change the language cookie name permanently (via the LANGUAGE_COOKIE_NAME setting) and to add a middleware that copies the value from the old cookie to a new one and then deletes the old one.

Be cautious when updating this setting on a production site. If you update this setting to use a deeper path than it previously used, existing user cookies that have the old path will not be updated. This will result in site users being unable to switch the language as long as these cookies persist. The only safe and reliable option to perform the switch is to change the language cookie name permanently (via the LANGUAGE_COOKIE_NAME setting), and to add a middleware that copies the value from the old cookie to a new one and then deletes the one.

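The security-relevant settings described in the post above, checked in one pass. This is an added example, not part of the original post and not Django's own code; it audits a plain settings mapping for the risky values the text mentions. The setting names are Django's, while `wsgi_header_key`, `audit_settings` and the sample dict are hypothetical names and constructed data for illustration.

```python
# Added example: audit a Django-style settings mapping for the risky values
# described in the post. Helper names and SAMPLE are constructed for illustration.

def wsgi_header_key(client_header):
    """Normalize a client header name the way request.META keys are built."""
    return "HTTP_" + client_header.upper().replace("-", "_")

def audit_settings(s):
    """Return a list of (setting, reason) findings for the mapping `s`."""
    findings = []
    if s.get("DEBUG"):
        findings.append(("DEBUG", "error pages expose settings and file paths"))
    if "*" in s.get("ALLOWED_HOSTS", []):
        findings.append(("ALLOWED_HOSTS", "wildcard disables Host header validation"))
    for name in ("DATA_UPLOAD_MAX_MEMORY_SIZE", "DATA_UPLOAD_MAX_NUMBER_FIELDS",
                 "DATA_UPLOAD_MAX_NUMBER_FILES"):
        if name in s and s[name] is None:
            findings.append((name, "None disables the request size check"))
    header = s.get("CSRF_HEADER_NAME")
    if header is not None:
        ok = header.startswith("HTTP_") and "-" not in header and header == header.upper()
        if not ok:  # written in client form instead of request.META form
            findings.append(("CSRF_HEADER_NAME",
                             "use META form, e.g. " + wsgi_header_key(header)))
    domain = s.get("CSRF_COOKIE_DOMAIN")
    if domain and domain.startswith("."):
        findings.append(("CSRF_COOKIE_DOMAIN", "cookie shared across all subdomains"))
    for origin in s.get("CSRF_TRUSTED_ORIGINS", []):
        if origin.startswith("http://"):
            findings.append(("CSRF_TRUSTED_ORIGINS", "insecure origin trusted: " + origin))
    if s.get("EMAIL_USE_TLS") and s.get("EMAIL_USE_SSL"):
        findings.append(("EMAIL_USE_TLS", "mutually exclusive with EMAIL_USE_SSL"))
    return findings

# Constructed sample: a development configuration promoted to production as-is.
SAMPLE = {
    "DEBUG": True,
    "ALLOWED_HOSTS": ["*"],
    "DATA_UPLOAD_MAX_MEMORY_SIZE": None,
    "CSRF_HEADER_NAME": "X-XSRF-TOKEN",
    "CSRF_COOKIE_DOMAIN": ".example.com",
    "CSRF_TRUSTED_ORIGINS": ["https://subdomain.example.com",
                             "http://subdomain.example.com"],
    "EMAIL_USE_TLS": True,
}

if __name__ == "__main__":
    print("\n".join(f"{k}: {v}" for k, v in audit_settings(SAMPLE)))
```

A real project would pass the values from its loaded settings module instead of a literal dict; Django's own `manage.py check --deploy` covers a related but different set of deployment checks.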