Mercurial > personas_backend

changeset 117:a8305e2ea47b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added TODOs in urls.py re: security holes.
author Atul Varma <varmaa@toolness.com>
date Mon, 31 Mar 2008 10:13:14 -0700
parents ae03ae3d91e9
children 6e74f85e3dcb
files PersonasBackend/urls.py
diffstat 1 files changed, 2 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/PersonasBackend/urls.py	Fri Mar 28 19:10:24 2008 -0700
+++ b/PersonasBackend/urls.py	Mon Mar 31 10:13:14 2008 -0700
@@ -6,6 +6,7 @@
 
 urlpatterns = patterns('',
     # Admin media
+    # TODO: Remove the static.serve, b/c it's supposedly insecure.
     (r'^%sadmin/media/(?P<path>.*)$' % settings.BASE_DIR,
      'django.views.static.serve',
      {'document_root': os.path.join( django.contrib.admin.__path__[0],
@@ -16,6 +17,7 @@
      include('django.contrib.admin.urls')),
 
     # Personas media
+    # TODO: Remove the static.serve, b/c it's supposedly insecure.
     (r'^%smedia/(?P<path>.*)$' % settings.BASE_DIR,
      'django.views.static.serve',
      {'document_root': settings.MEDIA_ROOT}),