Warning
覆写设置项时,特别是在默认值为空元组()或是空字典{}的情况下,要格外谨慎。比如 MIDDLEWARE_CLASSES 和 TEMPLATE_CONTEXT_PROCESSORS 。要确保其包含你要用到的Django特性。
接下来我们会按照字母顺序展示所有的可用设置项及其默认值。
默认值: {} (空字典)
该设置项为一个字典,用于将 "app_label.model_name" 字符串与函式进行映射。函式接受一个model对象做为参数并返回该对象的网址。 这相当于在其中的每个应用的底层上重载 get_absolute_url() 方法,例如:
ABSOLUTE_URL_OVERRIDES = {
'blogs.weblog': lambda o: "/blogs/%s/" % o.slug,
'news.story': lambda o: "/stories/%s/%s/" % (o.pub_year, o.slug),
}
注意用于该设置项的model字符串无论其实际名称是什么,在此处都应该设为小写。
默认项: () (空元组)
一个settings元组,用于存放django自带管理后台要用到的 settings 模块(格式如 'foo.bar.baz' ),
自带的管理后台在对models,视图和模板标签的自动内省的文档中会用到该设置。
默认值: () (空元组)
该元组内存放的是可以接收代码错误通知的用户。当 DEBUG=False 时,如果某个视图(view)抛出异常,Django就会将带有详细异常信息的以邮件的形式发送给上述用户。 元组中的每个成员应该是一个形如(完整名称,邮件地址)的二元组,例如:
(('John', 'john@example.com'), ('Mary', 'mary@example.com'))
要注意:无论何时,只要有错误发生,元组中的 所有用户 都会收到Django发送的邮件。 wrongway特别提醒:有时这些错误会很多很烦,比如某些2B爬虫访问了某个不存的网址。 详见 Error reporting
默认值: () (空元组)
该元组内存放的是表示嵌入文件根路径的字符串——只有在某字符串存在于该元组的情况下,Django的 {% ssi %} 模板标签才会嵌入以其为前缀的文件。 这样做是出于安全考虑,从而使模板作者不能访问到他们不该访问的文件。
举个例子,我们将 ALLOWED_INCLUDE_ROOTS 设为 ('/home/html', '/var/www') , 那么 {% ssi /home/html/foo.txt %} 是有效的,而 ``{% ssi /etc/passwd %}`` 则是无效的。
默认值: True
设为 True 时,如果请求的URL与URLconf中的任何一个URL模式都不匹配,且URL并没有以斜杠结尾,那么Django就会重定向到以斜杠结尾的相同网址。 要注意的是,重定向可能会导致某些POST请求所提交的数据丢失。
APPEND_SLASH 设置项只有在安装了 CommonMiddleware 的情况下才会生效。 (详见 Middleware中间件)。 也可参见 PREPEND_WWW 。
默认值: ('django.contrib.auth.backends.ModelBackend',)
是一个存放用户认址后端类(authentication backend class)的元组,用于于认证用户详见 用户认证后端文档 。
默认值:
{
'default': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
}
}
该设置项包含了Django会用到的所有缓存设置。这是一个嵌套的字典,其中的每个键名(即缓存项别名)都对应一个存放缓存选项的字典。
CACHES 字典中必须包含一个 default 缓存;其他缓存可以随意命名。 如果你正在使用缓存的并非是本地内存缓存,或者你想定义多个缓存,就要用到其他选项。 以下就是可用的缓存选项:
默认值: '' (空字符串)
要使用的缓存后端。内置的缓存后端有以下几种:
我们可以将:setting:BACKEND <CACHE-BACKEND> 设为某个缓存后端的可访问路径(例如 mypackage.backends.whatever.WhateverCache),以使用非Django内置的第三方缓存。 您不妨参考其他后端,从头编写一个完整的新缓存后端,以此做为一个读者练习。
Note
在Django1.3之前,我们使用以后端类型名为前缀的URI来表示Django内置的缓存后端(比如,使用``’db://tablename’`` 表示使用数据库缓存后端)。 我们不建议使用这种格式,它会在Django1.5中彻底去除。
一个形如’xxxx.xxxx.xxx.xxx’的路径字符串,表示一个函式的可访问路径。该函式决定了如何将前缀,版本以及键名拼装成最终的缓存键。 默认的实现方法如下:
def make_key(key, key_prefix, version):
return ':'.join([key_prefix, str(version), smart_str(key)])
如果你想使用自定义的函式,新函式只需与上述参数相同即可。
详见 缓存文档 。
默认值: '' (空字符串)
要使用的缓存位置。它可以是文件系统缓存的一个目录,也可以是memcache服务器的主机和端口,或是仅仅是本地内存缓存的一个简单标识名称:
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.filebased.FileBasedCache',
'LOCATION': '/var/tmp/django_cache',
}
}
默认值: False
如果为 True ,只有匿名请求(例如非登录用户的请求)才会被缓存。否则,缓存中间件会缓存每一张没有GET和POST传入参数的网页。
将该设置设为 True 时,要在middleware中添加 AuthenticationMiddleware 。
默认值: None
设置启用CSRF cookie的站点。它可以轻易地将跨站请求伪造与正常的跨子站请求区分开。 该设置项的格式应该类似 ".lawrence.com" ,以允许由一个子站表单发出的POST请求可以被另一个子站的视图(view)所接收。
请注意该设置项的存在并不意味着:在默认情况下,Django的CSRF防护对于跨子站攻击就是安全的。详见 CSRF 限制 一节。
默认值: 'csrftoken'
用于CSRF认证令牌的cookie名称。可以是任何名称,详见 Cross Site Request Forgery protection.
默认值: '/'
应用于CSRF cookie的路径。它应该匹配你的Django应用的URL路径,或是该路径的父路径。
如果你在同一台主机上运行多个Django实例时,该设定会非常有用。它们各自使用不同的cookie路径,每个实例只能看到自己的CSRF cookie。
默认值: False
是否对CSRF cookie进行加密。如果设为 True ,cookie将被标识为 “secure” ,这意味着浏览器确保该cookie只能通过HTTPS链接发送。
默认值: 'django.views.csrf.csrf_failure'
一个形如’xxxx.xxxx.xxx.xxx’的函式路径字符串,该视图函式在请求被CSRF防护拒绝时发挥作用。 该函式结构如下:
def csrf_failure(request, reason="")
其中的 reason 是一个短消息(对于开发者或是日志比较有用,一般用户对此并不关注) ,表示当前请求被拒绝的原因。详见 Cross Site Request Forgery protection.
默认值: {} (空字典)
该设置项是一个嵌套的字典,包含了Django会用到的所有数据库设置。 其中的每个字典项都以数据库别名做为键值,对应一个存放该数据库选项的字典。
DATABASES 字典中必须定义一个 default 数据库;其他数据库可以随意命名。
最简单的设置就是安装的一个单独的SQLite文件数据库。设置如下:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': 'mydatabase'
}
}
对于其他数据库后端或是更灵活的SQLite配置而言,就要用到其他选项,下面就介绍其中所有的数据库选项。
默认值: '' (空符串)
要使用的数据库后端。Django内置的数据库后端有:
我们可以通过设置 ``ENGINE`` 而使用非Django提供的第三方数据库后端——将其设为某个后端的可访问路径,例如 mypackage.backends.whatever)。您不妨参考其他后端,从头编写一个完整的新数据库后端,以此做为一个读者练习。
Note
在Django1.2之前,我们使用一个短名称来表示Django内置的数据库后端(比如,使用``’sqlite3’`` 表示使用SQLite数据库后端)。 我们不建议使用这种格式,它已在Django1.4中彻底去除 。
默认值: '' (空字符串)
表示连接数据库使用哪台主机。空字符串表示本地(localhost)。使用SQLite时该项无效。
如果我们使用的是MySQL,且设置值以反斜杠 ('/') 开头时,MySQL将通过Unix socket链接某个指定的socket。举个例子:
"HOST": '/var/run/mysql'
同样仍是使用Mysql,如果该值并未以反斜杠开头,那么该值就表示某个主机名或是IP。
使用PostgreSQL时,空字符串表示使用Unix domain socket进行连接,而不是进行本地连接。 如果你想明确指定PostgreSQL连接本地机器,此外就要填写为 localhost 。
默认值: '' (空字符串)
使用的数据库名称。对SQLite而言,该设置就是数据库文件的完整路径。要注意的是,指定文件路径时 一定要使用斜杠,即便是在Windows平台也是如此 (比如 C:/homes/user/mysite/sqlite3.db)。
默认值: {} (空字典)
连接数据库时要用到的其他选项。Django根据不同的数据库后端使用不同的选项。
具体的选项信息可参见 数据库后端 文档,以了解您选用的数据库后端有哪些可用的选项。
默认值: None
创建测试数据库时使用的字符集编码方案。因为该值是直接传给数据库的,所以它的格式是由数据库后端指定的。
该设置项对 PostgreSQL (postgresql_psycopg2) 和 MySQL (mysql) 后端有效。
默认值: None
创建测试数据库时使用的排序顺利。因为该值是直接传给后端的,所以它的格式由数据库后端所决定。
仅仅支持 mysql 后端 (详见 MySQL manual )。
默认值: 对其他非 default 且没有依赖关联的数据库而言,默认值就是 ['default'] 。
数据库依赖关联的创建顺序。详见文档 控制测试数据库的创建顺序 。
默认值: None
运行测试案例时使用的数据库的名称。
使用SQLite数据库时,如果使用默认值 (None) ,测试时就会使用一个驻留内存的数据库。 对于其他数据库引擎来说,测试时的数据库名称就是 'test_' + DATABASE_NAME 。
默认值: None
该项只适用于Oracle数据库。
运行测试时连接Oracle数据库所使用的用户名。如果为空,Django会使用 'test_' + USER 做为默认用户名。
默认值: None
该项只适用于Oracle数据库。
运行测试时使用的临时表空间的名称。如果为空,Django会使用 'test_' + NAME + '_temp' 做为临时表空间的名称。
默认值: [] (空列表)
该路由列表决定了执行一个数据库查询时使用哪个数据库。
详见 使用多数据库配置时自切切换数据库路由 。
默认值: 'N j, Y' (e.g. Feb. 4, 2003)
显示日期字段时所使用的默认格式,与系统无关。要注意当 USE_L10N 被设为 True 时, 本地语言环境所指定的格式拥有更高的优先级并取代该设置项。详见 日期格式字符串 。
DATETIME_FORMAT , TIME_FORMAT 和 SHORT_DATE_FORMAT 亦是如此。
默认值::
(‘%Y-%m-%d’, ‘%m/%d/%Y’, ‘%m/%d/%y’, ‘%b %d %Y’, ‘%b %d, %Y’, ‘%d %b %Y’, ‘%d %b, %Y’, ‘%B %d %Y’, ‘%B %d, %Y’, ‘%d %B %Y’, ‘%d %B, %Y’)
该项是一个元组,表示日期字段上可用的日期输入格式。 Django会按顺序尝试元组内的日期格式,直至得到匹配正确的有效结果为止。 要注意这些格式字符串使用的是Python内置的 datetime 模块的语法,而非 Django的 date 模板标签所用的格式字符串。
当 USE_L10N 设为 True 时, 本地语言环境所指定的格式比该设置项拥有更高的优先级。
默认值: 'N j, Y, P' (e.g. Feb. 4, 2003, 4 p.m.)
显示日期时间字段时所使用的默认格式,与系统无关。要注意当 USE_L10N 被设为 True 时, 本地语言环境所指定的格式拥有更高的优先级并取代该设置项。详见 日期格式字符串.
DATE_FORMAT, TIME_FORMAT 和 SHORT_DATETIME_FORMAT 亦是如此。
默认值::
(‘%Y-%m-%d %H:%M:%S’, ‘%Y-%m-%d %H:%M’, ‘%Y-%m-%d’, ‘%m/%d/%Y %H:%M:%S’, ‘%m/%d/%Y %H:%M’, ‘%m/%d/%Y’, ‘%m/%d/%y %H:%M:%S’, ‘%m/%d/%y %H:%M’, ‘%m/%d/%y’)
该项是一个元组,表示日期时间字段上可用的输入格式。 Django会按顺序尝试元组内的日期时间格式,直至得到匹配正确的有效结果为止。 要注意这些格式字符串使用的是Python内置的 datetime 模块的语法,而非 Django的 date 模板标签所用的格式字符串。
当 USE_L10N 设为 True 时, 本地语言环境所指定的格式比该设置项拥有更高的优先级。
DATE_INPUT_FORMATS 和 TIME_INPUT_FORMATS 亦是如此。
默认值: False
布尔值,决定是否启用调试模式。
切忌在生产用站点上启 DEBUG 为 True 。切记切记切记!
调试模式的特性之一就是会显示详细的错误信息页。在调试模式下,如果你的应用抛出了某个异常, Django会显示详细的错误消息回溯(traceback),其中包含很多当前环境的元信息——诸如当前Django settings( settings.py )定义的所有配置项。
做为一项安全措施,在调试模式下,Django不会显示敏感或易于被利用的设置项——诸如 SECRET_KEY 或 PROFANITIES_LIST 。 具体来说,下列设置项将被排除在显示之外:
- API
- KEY
- PASS
- PROFANITIES_LIST
- SECRET
- SIGNATURE
- TOKEN
注意上述设置都是局部匹配的, 'PASS' 也可以匹配 PASSWORD , 而 'TOKEN' 也匹配 TOKENIZED ,等等。
还要注意的是,有很多内容不适合对公开,诸如文件路径,配置选项以及一些会给服务器带来安全隐患的敏感信息。
还有一点要记住就是在调试模式下,Django会记住每个运行的SQL查询。这对于调试是非常有帮助的,但在生产服务器却会迅速耗光内存。
默认值: False
设为True时,Django针对视图函式的普通异常的处理将被抑制,异常将继续向上传递。 这对某些测试设置非常有用,千万不要用在在线站点中。
默认值: '.' (点)
Default decimal separator used when formatting decimal numbers.
Note that if USE_L10N is set to True, then the locale-dictated format has higher precedence and will be applied instead.
See also NUMBER_GROUPING, THOUSAND_SEPARATOR and USE_THOUSAND_SEPARATOR.
默认值: 'utf-8'
Default charset to use for all HttpResponse objects, if a MIME type isn’t manually specified. Used with DEFAULT_CONTENT_TYPE to construct the Content-Type header.
默认值: 'text/html'
Default content type to use for all HttpResponse objects, if a MIME type isn’t manually specified. Used with DEFAULT_CHARSET to construct the Content-Type header.
默认值: django.views.debug.SafeExceptionReporterFilter
Default exception reporter filter class to be used if none has been assigned to the HttpRequest instance yet. See Filtering error reports.
默认值: django.core.files.storage.FileSystemStorage
Default file storage class to be used for any file-related operations that don’t specify a particular storage system. See Managing files.
默认值: 'webmaster@localhost'
Default email address to use for various automated correspondence from the site manager(s).
默认值: '' (Empty string)
Default tablespace to use for indexes on fields that don’t specify one, if the backend supports it (see Tablespaces).
默认值: '' (Empty string)
Default tablespace to use for models that don’t specify one, if the backend supports it (see Tablespaces).
默认值: () (Empty tuple)
List of compiled regular expression objects representing User-Agent strings that are not allowed to visit any page, systemwide. Use this for bad robots/crawlers. This is only used if CommonMiddleware is installed (see Middleware中间件).
默认值: 'django.core.mail.backends.smtp.EmailBackend'
用于发送邮件的后端。详见 发送邮件 了解可用的后端。
默认值: '' (Empty string)
Password to use for the SMTP server defined in EMAIL_HOST. This setting is used in conjunction with EMAIL_HOST_USER when authenticating to the SMTP server. If either of these settings is empty, Django won’t attempt authentication.
See also EMAIL_HOST_USER.
默认值: '' (Empty string)
Username to use for the SMTP server defined in EMAIL_HOST. If empty, Django won’t attempt authentication.
See also EMAIL_HOST_PASSWORD.
默认值: '[Django] '
Subject-line prefix for email messages sent with django.core.mail.mail_admins or django.core.mail.mail_managers. You’ll probably want to include the trailing space.
默认值: 'utf-8'
The character encoding used to decode any files read from disk. This includes template files and initial SQL data files.
默认值::
- (“django.core.files.uploadhandler.MemoryFileUploadHandler”,
- “django.core.files.uploadhandler.TemporaryFileUploadHandler”,)
A tuple of handlers to use for uploading. See Managing files for details.
默认值: 2621440 (i.e. 2.5 MB).
The maximum size (in bytes) that an upload will be before it gets streamed to the file system. See Managing files for details.
默认值: None
The numeric mode (i.e. 0644) to set newly uploaded files to. For more information about what these modes mean, see the documentation for os.chmod().
If this isn’t given or is None, you’ll get operating-system dependent behavior. On most platforms, temporary files will have a mode of 0600, and files saved from memory will be saved using the system’s standard umask.
Warning
Always prefix the mode with a 0.
If you’re not familiar with file modes, please note that the leading 0 is very important: it indicates an octal number, which is the way that modes must be specified. If you try to use 644, you’ll get totally incorrect behavior.
默认值: None
The directory to store data temporarily while uploading files. If None, Django will use the standard temporary directory for the operating system. For example, this will default to ‘/tmp’ on *nix-style operating systems.
See Managing files for details.
默认值: 0 (Sunday)
Number representing the first day of the week. This is especially useful when displaying a calendar. This value is only used when not using format internationalization, or when a format cannot be found for the current locale.
The value must be an integer from 0 to 6, where 0 means Sunday, 1 means Monday and so on.
默认值: () (Empty tuple)
List of directories searched for fixture files, in addition to the fixtures directory of each application, in search order.
Note that these paths should use Unix-style forward slashes, even on Windows.
See 使用fixture提供初始化数据 and Fixture loading.
默认值: None
If not None, this will be used as the value of the SCRIPT_NAME environment variable in any HTTP request. This setting can be used to override the server-provided value of SCRIPT_NAME, which may be a rewritten version of the preferred value or not supplied at all.
默认值: None
A full Python path to a Python package that contains format definitions for project locales. If not None, Django will check for a formats.py file, under the directory named as the current locale, and will use the formats defined on this file.
For example, if FORMAT_MODULE_PATH is set to mysite.formats, and current language is en (English), Django will expect a directory tree like:
mysite/
formats/
__init__.py
en/
__init__.py
formats.py
Available formats are DATE_FORMAT, TIME_FORMAT, DATETIME_FORMAT, YEAR_MONTH_FORMAT, MONTH_DAY_FORMAT, SHORT_DATE_FORMAT, SHORT_DATETIME_FORMAT, FIRST_DAY_OF_WEEK, DECIMAL_SEPARATOR, THOUSAND_SEPARATOR and NUMBER_GROUPING.
默认值: ()
List of compiled regular expression objects describing URLs that should be ignored when reporting HTTP 404 errors via email (see Error reporting). Use this if your site does not provide a commonly requested file such as favicon.ico or robots.txt, or if it gets hammered by script kiddies.
This is only used if SEND_BROKEN_LINK_EMAILS is set to True and CommonMiddleware is installed (see Middleware中间件).
默认值: () (Empty tuple)
A tuple of strings designating all applications that are enabled in this Django installation. Each string should be a full Python path to a Python package that contains a Django application, as created by django-admin.py startapp.
App names must be unique
The application names (that is, the final dotted part of the path to the module containing models.py) defined in INSTALLED_APPS must be unique. For example, you can’t include both django.contrib.auth and myproject.auth in INSTALLED_APPS.
默认值: () (Empty tuple)
A tuple of IP addresses, as strings, that:
默认值: 'en-us'
A string representing the language code for this installation. This should be in standard language format. For example, U.S. English is "en-us". See 国际化和本地化.
默认值: 'django_language'
The name of the cookie to use for the language cookie. This can be whatever you want (but should be different from SESSION_COOKIE_NAME). See 国际化和本地化.
默认值: A tuple of all available languages. This list is continually growing and including a copy here would inevitably become rapidly out of date. You can see the current list of translated languages by looking in django/conf/global_settings.py (or view the online source).
The list is a tuple of two-tuples in the format (language code, language name), the language code part should be a language name – for example, ('ja', 'Japanese'). This specifies which languages are available for language selection. See 国际化和本地化.
Generally, the default value should suffice. Only set this setting if you want to restrict language selection to a subset of the Django-provided languages.
If you define a custom LANGUAGES setting, it’s OK to mark the languages as translation strings (as in the default value referred to above) – but use a “dummy” gettext() function, not the one in django.utils.translation. You should never import django.utils.translation from within your settings file, because that module in itself depends on the settings, and that would cause a circular import.
The solution is to use a “dummy” gettext() function. Here’s a sample settings file:
gettext = lambda s: s
LANGUAGES = (
('de', gettext('German')),
('en', gettext('English')),
)
With this arrangement, django-admin.py makemessages will still find and mark these strings for translation, but the translation won’t happen at runtime – so you’ll have to remember to wrap the languages in the real gettext() in any code that uses LANGUAGES at runtime.
默认值: () (Empty tuple)
A tuple of directories where Django looks for translation files. See How Django discovers translations.
Example:
LOCALE_PATHS = (
'/home/www/project/common_files/locale',
'/var/local/translations/locale'
)
Note that in the paths you add to the value of this setting, if you have the typical /path/to/locale/xx/LC_MESSAGES hierarchy, you should use the path to the locale directory (i.e. '/path/to/locale').
默认值: A logging configuration dictionary.
A data structure containing configuration information. The contents of this data structure will be passed as the argument to the configuration method described in LOGGING_CONFIG.
The default logging configuration passes HTTP 500 server errors to an email log handler; all other log messages are given to a NullHandler.
默认值: 'django.utils.log.dictConfig'
A path to a callable that will be used to configure logging in the Django project. Points at a instance of Python’s dictConfig configuration method by default.
If you set LOGGING_CONFIG to None, the logging configuration process will be skipped.
默认值: '/accounts/profile/'
The URL where requests are redirected after login when the contrib.auth.login view gets no next parameter.
This is used by the login_required() decorator, for example.
Note
You can use reverse_lazy() to reference URLs by their name instead of providing a hardcoded value. Assuming a urls.py with an URLpattern named home:
urlpatterns = patterns('',
url('^welcome/$', 'test_app.views.home', name='home'),
)
You can use reverse_lazy() like this:
from django.core.urlresolvers import reverse_lazy
LOGIN_REDIRECT_URL = reverse_lazy('home')
This also works fine with localized URLs using i18n_patterns().
默认值: '/accounts/login/'
The URL where requests are redirected for login, especially when using the login_required() decorator.
Note
默认值: () (Empty tuple)
A tuple in the same format as ADMINS that specifies who should get broken-link notifications when SEND_BROKEN_LINK_EMAILS=True.
默认值: '' (Empty string)
Absolute path to the directory that holds media for this installation, used for managing stored files.
Example: "/home/media/media.lawrence.com/"
See also MEDIA_URL.
默认值: '' (Empty string)
URL that handles the media served from MEDIA_ROOT, used for managing stored files.
Example: "http://media.lawrence.com/"
默认值: messages.INFO
Sets the minimum message level that will be recorded by the messages framework. See the messages documentation for more details.
默认值: 'django.contrib.messages.storage.user_messages.LegacyFallbackStorage'
Controls where Django stores message data. See the messages documentation for more details.
默认值::
{messages.DEBUG: ‘debug’, messages.INFO: ‘info’, messages.SUCCESS: ‘success’, messages.WARNING: ‘warning’, messages.ERROR: ‘error’,}
Sets the mapping of message levels to message tags. See the messages documentation for more details.
默认值::
- (‘django.middleware.common.CommonMiddleware’,
- ‘django.contrib.sessions.middleware.SessionMiddleware’, ‘django.middleware.csrf.CsrfViewMiddleware’, ‘django.contrib.auth.middleware.AuthenticationMiddleware’, ‘django.contrib.messages.middleware.MessageMiddleware’,)
A tuple of middleware classes to use. See Middleware中间件.
默认值: 'F j'
The default formatting to use for date fields on Django admin change-list pages – and, possibly, by other parts of the system – in cases when only the month and day are displayed.
For example, when a Django admin change-list page is being filtered by a date drilldown, the header for a given day displays the day and month. Different locales have different formats. For example, U.S. English would say “January 1,” whereas Spanish might say “1 Enero.”
See allowed date format strings. See also DATE_FORMAT, DATETIME_FORMAT, TIME_FORMAT and YEAR_MONTH_FORMAT.
默认值: 0
Number of digits grouped together on the integer part of a number.
Common use is to display a thousand separator. If this setting is 0, then no grouping will be applied to the number. If this setting is greater than 0, then THOUSAND_SEPARATOR will be used as the separator between those groups.
Note that if USE_L10N is set to True, then the locale-dictated format has higher precedence and will be applied instead.
See also DECIMAL_SEPARATOR, THOUSAND_SEPARATOR and USE_THOUSAND_SEPARATOR.
默认值: 3
The number of days a password reset link is valid for. Used by the django.contrib.auth password reset mechanism.
默认值: False
Whether to prepend the “www.” subdomain to URLs that don’t have it. This is only used if CommonMiddleware is installed (see Middleware中间件). See also APPEND_SLASH.
默认值: () (Empty tuple)
A tuple of profanities, as strings, that will be forbidden in comments when COMMENTS_ALLOW_PROFANITIES is False.
默认值: {}
A dictionary containing settings for the restructuredtext markup filter from the django.contrib.markup application. They override the default writer settings. See the Docutils restructuredtext writer settings docs for details.
默认值: Not defined
A string representing the full Python import path to your root URLconf. For example: "mydjangoapps.urls". Can be overridden on a per-request basis by setting the attribute urlconf on the incoming HttpRequest object. See How Django processes a request for details.
默认值: '' (Empty string)
A secret key for this particular Django installation. Used to provide a seed in secret-key hashing algorithms. Set this to a random string – the longer, the better. django-admin.py startproject creates one automatically.
默认值: None
A tuple representing a HTTP header/value combination that signifies a request is secure. This controls the behavior of the request object’s is_secure() method.
This takes some explanation. By default, is_secure() is able to determine whether a request is secure by looking at whether the requested URL uses “https://”.
If your Django app is behind a proxy, though, the proxy may be “swallowing” the fact that a request is HTTPS, using a non-HTTPS connection between the proxy and Django. In this case, is_secure() would always return False – even for requests that were made via HTTPS by the end user.
In this situation, you’ll want to configure your proxy to set a custom HTTP header that tells Django whether the request came in via HTTPS, and you’ll want to set SECURE_PROXY_SSL_HEADER so that Django knows what header to look for.
You’ll need to set a tuple with two elements – the name of the header to look for and the required value. For example:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
Here, we’re telling Django that we trust the X-Forwarded-Protocol header that comes from our proxy, and any time its value is 'https', then the request is guaranteed to be secure (i.e., it originally came in via HTTPS). Obviously, you should only set this setting if you control your proxy or have some other guarantee that it sets/strips this header appropriately.
Note that the header needs to be in the format as used by request.META – all caps and likely starting with HTTP_. (Remember, Django automatically adds 'HTTP_' to the start of x-header names before making the header available in request.META.)
Warning
You will probably open security holes in your site if you set this without knowing what you’re doing. Seriously.
Make sure ALL of the following are true before setting this (assuming the values from the example above):
If any of those are not true, you should keep this setting set to None and find another way of determining HTTPS, perhaps via custom middleware.
默认值: False
Whether to send an email to the MANAGERS each time somebody visits a Django-powered page that is 404ed with a non-empty referer (i.e., a broken link). This is only used if CommonMiddleware is installed (see Middleware中间件). See also IGNORABLE_404_URLS and Error reporting.
默认值: Not defined.
A dictionary of modules containing serializer definitions (provided as strings), keyed by a string identifier for that serialization type. For example, to define a YAML serializer, use:
SERIALIZATION_MODULES = { 'yaml' : 'path.to.yaml_serializer' }
默认值: 'root@localhost'
The email address that error messages come from, such as those sent to ADMINS and MANAGERS.
默认值: 1209600 (2 weeks, in seconds)
The age of session cookies, in seconds. See How to use sessions.
默认值: None
The domain to use for session cookies. Set this to a string such as ".lawrence.com" for cross-domain cookies, or use None for a standard domain cookie. See the How to use sessions.
默认值: False
Whether to use HTTPOnly flag on the session cookie. If this is set to True, client-side JavaScript will not to be able to access the session cookie.
HTTPOnly is a flag included in a Set-Cookie HTTP response header. It is not part of the RFC 2109 standard for cookies, and it isn’t honored consistently by all browsers. However, when it is honored, it can be a useful way to mitigate the risk of client side script accessing the protected cookie data.
默认值: 'sessionid'
The name of the cookie to use for sessions. This can be whatever you want (but should be different from LANGUAGE_COOKIE_NAME). See the How to use sessions.
默认值: '/'
The path set on the session cookie. This should either match the URL path of your Django installation or be parent of that path.
This is useful if you have multiple Django instances running under the same hostname. They can use different cookie paths, and each instance will only see its own session cookie.
默认值: False
Whether to use a secure cookie for the session cookie. If this is set to True, the cookie will be marked as “secure,” which means browsers may ensure that the cookie is only sent under an HTTPS connection. See the How to use sessions.
默认值: django.contrib.sessions.backends.db
Controls where Django stores session data. Valid values are:
See How to use sessions.
默认值: False
Whether to expire the session when the user closes his or her browser. See the How to use sessions.
默认值: None
If you’re using file-based session storage, this sets the directory in which Django will store session data. See How to use sessions. When the default value (None) is used, Django will use the standard temporary directory for the system.
默认值: False
Whether to save the session data on every request. See How to use sessions.
默认值: m/d/Y (e.g. 12/31/2003)
An available formatting that can be used for displaying date fields on templates. Note that if USE_L10N is set to True, then the corresponding locale-dictated format has higher precedence and will be applied. See allowed date format strings.
See also DATE_FORMAT and SHORT_DATETIME_FORMAT.
默认值: m/d/Y P (e.g. 12/31/2003 4 p.m.)
An available formatting that can be used for displaying datetime fields on templates. Note that if USE_L10N is set to True, then the corresponding locale-dictated format has higher precedence and will be applied. See allowed date format strings.
See also DATE_FORMAT and SHORT_DATE_FORMAT.
默认值: ‘django.core.signing.TimestampSigner’
The backend used for signing cookies and other data.
See also the Cryptographic signing documentation.
默认值: Not defined
The ID, as an integer, of the current site in the django_site database table. This is used so that application data can hook into specific site(s) and a single database can manage content for multiple sites.
默认值: '' (Empty string)
The absolute path to the directory where collectstatic will collect static files for deployment.
Example: "/home/example.com/static/"
If the staticfiles contrib app is enabled (default) the collectstatic management command will collect static files into this directory. See the howto on managing static files for more details about usage.
Warning
This should be an (initially empty) destination directory for collecting your static files from their permanent locations into one directory for ease of deployment; it is not a place to store your static files permanently. You should do that in directories that will be found by staticfiles‘s finders, which by default, are 'static/' app sub-directories and any directories you include in STATICFILES_DIRS).
See staticfiles reference and STATIC_URL.
默认值: None
URL to use when referring to static files located in STATIC_ROOT.
Example: "/site_media/static/" or "http://static.example.com/"
If not None, this will be used as the base path for media definitions and the staticfiles app.
It must end in a slash if set to a non-empty value.
See STATIC_ROOT.
默认值::
(“django.contrib.auth.context_processors.auth”, “django.core.context_processors.debug”, “django.core.context_processors.i18n”, “django.core.context_processors.media”, “django.core.context_processors.static”, “django.core.context_processors.tz”, “django.contrib.messages.context_processors.messages”)
A tuple of callables that are used to populate the context in RequestContext. These callables take a request object as their argument and return a dictionary of items to be merged into the context.
默认值: False
A boolean that turns on/off template debug mode. If this is True, the fancy error page will display a detailed report for any exception raised during template rendering. This report contains the relevant snippet of the template, with the appropriate line highlighted.
Note that Django only displays fancy error pages if DEBUG is True, so you’ll want to set that to take advantage of this setting.
See also DEBUG.
默认值: () (Empty tuple)
List of locations of the template source files searched by django.template.loaders.filesystem.Loader, in search order.
Note that these paths should use Unix-style forward slashes, even on Windows.
See Django模板语言.
默认值::
- (‘django.template.loaders.filesystem.Loader’,
- ‘django.template.loaders.app_directories.Loader’)
A tuple of template loader classes, specified as strings. Each Loader class knows how to import templates from a particular source. Optionally, a tuple can be used instead of a string. The first item in the tuple should be the Loader‘s module, subsequent items are passed to the Loader during initialization. See The Django template language: For Python programmers.
默认值: '' (Empty string)
Output, as a string, that the template system should use for invalid (e.g. misspelled) variables. See How invalid variables are handled..
默认值: 'django.test.simple.DjangoTestSuiteRunner'
The name of the class to use for starting the test suite. See Testing Django applications.
默认值: , (Comma)
Default thousand separator used when formatting numbers. This setting is used only when USE_THOUSAND_SEPARATOR is True and NUMBER_GROUPING is greater than 0.
Note that if USE_L10N is set to True, then the locale-dictated format has higher precedence and will be applied instead.
See also NUMBER_GROUPING, DECIMAL_SEPARATOR and USE_THOUSAND_SEPARATOR.
默认值: 'P' (e.g. 4 p.m.)
The default formatting to use for displaying time fields in any part of the system. Note that if USE_L10N is set to True, then the locale-dictated format has higher precedence and will be applied instead. See allowed date format strings.
See also DATE_FORMAT and DATETIME_FORMAT.
默认值: ('%H:%M:%S', '%H:%M')
A tuple of formats that will be accepted when inputting data on a time field. Formats will be tried in order, using the first valid one. Note that these format strings use Python’s datetime module syntax, not the format strings from the date Django template tag.
When USE_L10N is True, the locale-dictated format has higher precedence and will be applied instead.
See also DATE_INPUT_FORMATS and DATETIME_INPUT_FORMATS.
默认值: 'America/Chicago'
A string representing the time zone for this installation, or None. See available choices. (Note that list of available choices lists more than one on the same line; you’ll want to use just one of the choices for a given time zone. For instance, one line says 'Europe/London GB GB-Eire', but you should use the first bit of that – 'Europe/London' – as your TIME_ZONE setting.)
Note that this isn’t necessarily the time zone of the server. For example, one server may serve multiple Django-powered sites, each with a separate time zone setting.
When USE_TZ is False, this is the time zone in which Django will store all datetimes. When USE_TZ is True, this is the default time zone that Django will use to display datetimes in templates and to interpret datetimes entered in forms.
Django sets the os.environ['TZ'] variable to the time zone you specify in the TIME_ZONE setting. Thus, all your views and models will automatically operate in this time zone. However, Django won’t set the TZ environment variable under the following conditions:
If Django doesn’t set the TZ environment variable, it’s up to you to ensure your processes are running in the correct environment.
Note
Django cannot reliably use alternate time zones in a Windows environment. If you’re running Django on Windows, TIME_ZONE must be set to match the system time zone.
默认值: Django/<version> (https://www.djangoproject.com/)
The string to use as the User-Agent header when checking to see if URLs exist (see the verify_exists option on URLField). This setting was deprecated in 1.3.1 along with verify_exists and will be removed in 1.4.
默认值: False
A boolean that specifies whether to output the “Etag” header. This saves bandwidth but slows down performance. This is used by the CommonMiddleware (see Middleware中间件) and in the``Cache Framework`` (see Django’s cache framework).
默认值: True
A boolean that specifies whether Django’s translation system should be enabled. This provides an easy way to turn it off, for performance. If this is set to False, Django will make some optimizations so as not to load the translation machinery.
See also LANGUAGE_CODE, USE_L10N and USE_TZ.
默认值: False
A boolean that specifies if localized formatting of data will be enabled by default or not. If this is set to True, e.g. Django will display numbers and dates using the format of the current locale.
See also LANGUAGE_CODE, USE_I18N and USE_TZ.
Note
The default settings.py file created by django-admin.py startproject includes USE_L10N = True for convenience.
默认值: False
A boolean that specifies whether to display numbers using a thousand separator. When USE_L10N is set to True and if this is also set to True, Django will use the values of THOUSAND_SEPARATOR and NUMBER_GROUPING to format numbers.
See also DECIMAL_SEPARATOR, NUMBER_GROUPING and THOUSAND_SEPARATOR.
默认值: False
A boolean that specifies if datetimes will be timezone-aware by default or not. If this is set to True, Django will use timezone-aware datetimes internally. Otherwise, Django will use naive datetimes in local time.
See also TIME_ZONE, USE_I18N and USE_L10N.
Note
The default settings.py file created by django-admin.py startproject includes USE_TZ = True for convenience.
默认值: False
A boolean that specifies whether to use the X-Forwarded-Host header in preference to the Host header. This should only be enabled if a proxy which sets this header is in use.
默认值: None
The full Python path of the WSGI application object that Django’s built-in servers (e.g. runserver) will use. The django-admin.py startproject management command will create a simple wsgi.py file with an application callable in it, and point this setting to that application.
If not set, the return value of django.core.wsgi.get_wsgi_application() will be used. In this case, the behavior of runserver will be identical to previous Django versions.
默认值: 'F Y'
The default formatting to use for date fields on Django admin change-list pages – and, possibly, by other parts of the system – in cases when only the year and month are displayed.
For example, when a Django admin change-list page is being filtered by a date drilldown, the header for a given month displays the month and the year. Different locales have different formats. For example, U.S. English would say “January 2006,” whereas another locale might say “2006/January.”
See allowed date format strings. See also DATE_FORMAT, DATETIME_FORMAT, TIME_FORMAT and MONTH_DAY_FORMAT.
默认值: 'SAMEORIGIN'
The default value for the X-Frame-Options header used by XFrameOptionsMiddleware. See the clickjacking protection documentation.
Dec 14, 2013