Fabrik is built with DEBUG settings - Githubissues

Cloud-CV / Fabrik

:factory: Collaboratively build, visualize, and design neural nets in browser

GNU General Public License v3.0

1.12k stars 235 forks source link

Fabrik is built with DEBUG settings #512

Open TimVanMourik opened 5 years ago

TimVanMourik commented 5 years ago

To reproduce:

Go to http://fabrik.cloudcv.org
Click on the GitHub Login button

Behaviour

Because the GitHub login throws an error, a Django debug page is shown and your environment variables are there to see for public. Nothing sensitive (no SECRET_KEY and all), but still.

Expected behaviour

An error 500 screen should be shown.

Suggested solution

Currently the production settings are probably using the regular settings file with DEBUG=True hard-coded in them: https://github.com/Cloud-CV/Fabrik/blob/master/settings/common.py line 14

Either make a separate production settings file or read the DEBUG setting from an environment variable: DEBUG=os.getenv('DEBUG', default_value)

ajitesh-30 commented 5 years ago

@TimVanMourik Can i work on this issue .