]> git.openstreetmap.org Git - osqa.git/blob - settings.py
Fixes OSQA 455. Multiple cross site scripting(XSS) vulnerabilities.
[osqa.git] / settings.py
1 # encoding:utf-8
2 # Django settings for lanai project.
3 import os.path
4 import sys
5
6 SITE_ID = 1
7
8 ADMIN_MEDIA_PREFIX = '/admin_media/'
9 SECRET_KEY = '$oo^&_m&qwbib=(_4m_n*zn-d=g#s0he5fx9xonnym#8p6yigm'
10 # List of callables that know how to import templates from various sources.
11 TEMPLATE_LOADERS = (
12     'django.template.loaders.filesystem.load_template_source',
13     'django.template.loaders.app_directories.load_template_source',
14     'forum.modules.module_templates_loader',
15     'forum.skins.load_template_source',
16 #     'django.template.loaders.eggs.load_template_source',
17 )
18
19 MIDDLEWARE_CLASSES = [
20     #'django.middleware.gzip.GZipMiddleware',
21     'django.contrib.sessions.middleware.SessionMiddleware',
22     #'django.middleware.locale.LocaleMiddleware',
23     #'django.middleware.cache.UpdateCacheMiddleware',
24     'django.middleware.common.CommonMiddleware',
25     #'django.middleware.cache.FetchFromCacheMiddleware',
26     'forum.middleware.extended_user.ExtendedUser',
27     #'django.middleware.sqlprint.SqlPrintingMiddleware',
28     'forum.middleware.anon_user.ConnectToSessionMessagesMiddleware',
29     'forum.middleware.request_utils.RequestUtils',
30     'forum.middleware.cancel.CancelActionMiddleware',
31     #'recaptcha_django.middleware.ReCaptchaMiddleware',
32     'django.middleware.transaction.TransactionMiddleware',
33 ]
34
35 TEMPLATE_CONTEXT_PROCESSORS = (
36     'django.core.context_processors.request',
37     'forum.context.application_settings',
38     #'django.core.context_processors.i18n',
39     'forum.user_messages.context_processors.user_messages',#must be before auth
40     'django.core.context_processors.auth', #this is required for admin
41 )
42
43 ROOT_URLCONF = 'urls'
44
45 TEMPLATE_DIRS = (
46     os.path.join(os.path.dirname(__file__),'forum','skins').replace('\\','/'),
47 )
48
49 #UPLOAD SETTINGS
50 FILE_UPLOAD_TEMP_DIR = os.path.join(os.path.dirname(__file__), 'tmp').replace('\\','/')
51 FILE_UPLOAD_HANDLERS = ("django.core.files.uploadhandler.MemoryFileUploadHandler",
52  "django.core.files.uploadhandler.TemporaryFileUploadHandler",)
53 DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage'
54 # for user upload
55 ALLOW_FILE_TYPES = ('.jpg', '.jpeg', '.gif', '.bmp', '.png', '.tiff')
56 # unit byte
57 ALLOW_MAX_FILE_SIZE = 1024 * 1024
58
59 # User settings
60 from settings_local import *
61
62 INSTALLED_APPS = [
63     'django.contrib.auth',
64     'django.contrib.contenttypes',
65     'django.contrib.sessions',
66     'django.contrib.sites',
67     'django.contrib.admin',
68     'django.contrib.humanize',
69     'django.contrib.sitemaps',
70     'django.contrib.markup',
71     'forum',
72 ]
73
74 if DEBUG:
75     try:
76         import debug_toolbar
77         MIDDLEWARE_CLASSES.append('debug_toolbar.middleware.DebugToolbarMiddleware')
78         INSTALLED_APPS.append('debug_toolbar')
79     except:
80         pass
81
82 try:
83     import south
84     INSTALLED_APPS.append('south')
85 except:
86     pass
87
88 if not DEBUG:
89     try:
90         import rosetta
91         INSTALLED_APPS.append('rosetta')
92     except:
93         pass
94
95 AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.ModelBackend',]