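"""
Default Plain settings. Override these with settings in the module pointed to
by the PLAIN_SETTINGS_MODULE environment variable.
"""
from pathlib import Path

from plain.runtime import APP_PATH as default_app_path

####################
# CORE             #
####################

# Debug mode is off by default; a project's settings module has to opt in.
# NOTE(review): what DEBUG exposes is not visible from this module. Treat
# enabling it on a public deployment as an information-disclosure risk until
# the consumers of this flag have been checked.
DEBUG: bool = False

# Path of the ".plain" directory that sits next to the app directory
# (i.e. under APP_PATH's parent).
PLAIN_TEMP_PATH: Path = default_app_path.parent / ".plain"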
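# Hosts/domain names that are valid for this site.
# "*" matches anything, ".example.com" matches example.com and all subdomains
#
# A "*" entry effectively switches Host-header validation off: any code that
# builds absolute URLs from the request host (e-mailed links, redirects,
# cache keys) would then work from a client-chosen value. List the exact
# names the deployment serves instead.
ALLOWED_HOSTS: list[str] = []

# Local time zone for this installation. All choices can be found here:
# https://en.wikipedia.org/wiki/List_of_tz_zones_by_name (although not all
# systems may support all possibilities). This is interpreted as the default
# user time zone.
TIME_ZONE: str = "UTC"

# Default charset to use for all Response objects, if a MIME type isn't
# manually specified. It's used to construct the Content-Type header.
DEFAULT_CHARSET = "utf-8"

# List of strings representing installed packages.
INSTALLED_PACKAGES: list[str] = []

# Whether to append trailing slashes to URLs.
APPEND_SLASH = True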
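# Default headers for all responses.
#
# Only the four uncommented entries are part of the default. The
# Content-Security-Policy and Strict-Transport-Security lines are examples and
# are NOT sent unless a project adds them to its own settings:
#   - CSP has to be tailored to the origins the app really loads from (a CDN
#     used for assets, for instance), so it is left for the project to define.
#   - HSTS with "includeSubDomains; preload" is hard to undo once browsers
#     have cached it or the domain is on the preload list; enable it only when
#     every subdomain is served over HTTPS (see https://hstspreload.org/).
DEFAULT_RESPONSE_HEADERS = {
    # "Content-Security-Policy": "default-src 'self'",
    # https://hstspreload.org/
    # "Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
    # Keeps cross-origin pages out of this page's browsing-context group.
    "Cross-Origin-Opener-Policy": "same-origin",
    # The Referer header is only sent on same-origin requests.
    "Referrer-Policy": "same-origin",
    # Browsers must honour the declared Content-Type instead of sniffing it.
    "X-Content-Type-Options": "nosniff",
    # Responses may not be rendered inside a frame (clickjacking defence).
    "X-Frame-Options": "DENY",
}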
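# Whether to redirect all non-HTTPS requests to HTTPS.
HTTPS_REDIRECT_ENABLED = True
# NOTE(review): presumably the requests exempt from the redirect, and the host
# to redirect to (None = keep the request's host) -- confirm the expected
# formats against the code that reads these two settings. Every exemption is
# a path that can still be reached over plain HTTP, so keep the list short.
HTTPS_REDIRECT_EXEMPT = []
HTTPS_REDIRECT_HOST = None

# If your Plain app is behind a proxy that sets a header to specify secure
# connections, AND that proxy ensures that user-submitted headers with the
# same name are ignored (so that people can't spoof it), set this value to
# a tuple of (header_name, header_value). For any requests that come in with
# that header/value, request.is_https() will return True.
# WARNING! Only set this if you fully understand what you're doing. Otherwise,
# you may be opening yourself up to a security risk.
HTTPS_PROXY_HEADER = None

# Whether to use the X-Forwarded-Host and X-Forwarded-Port headers
# when determining the host and port for the request.
#
# The same trust condition as for HTTPS_PROXY_HEADER applies: leave these
# False unless a proxy in front of the app always sets or strips the headers.
# Otherwise the client decides which host and port the app believes it is
# serving.
USE_X_FORWARDED_HOST = False
USE_X_FORWARDED_PORT = False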
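# A secret key for this particular Plain installation. Used in secret-key
# hashing algorithms. Set this in your settings, or Plain will complain
# loudly.
#
# Declared as an annotation only: this module assigns no value, so there is
# no built-in key to fall back on. Supply it from the environment or a secret
# store rather than committing it to the repository.
SECRET_KEY: str

# List of secret keys used to verify the validity of signatures. This allows
# secret key rotation.
#
# A key listed here is still accepted for verification, so a leaked key keeps
# working until it is removed. Drop retired keys once the rotation window has
# passed.
SECRET_KEY_FALLBACKS: list[str] = []

ROOT_URLCONF = "app.urls"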
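# List of upload handler classes to be applied in order.
FILE_UPLOAD_HANDLERS = [
    "plain.internal.files.uploadhandler.MemoryFileUploadHandler",
    "plain.internal.files.uploadhandler.TemporaryFileUploadHandler",
]

# The four limits below bound how much memory and parsing work a single
# request can demand. Raise them only for the endpoints that need it; an
# unlimited value removes a resource-exhaustion guard.

# Maximum size, in bytes, of a request before it will be streamed to the
# file system instead of into memory.
FILE_UPLOAD_MAX_MEMORY_SIZE = 2621440  # i.e. 2.5 MB

# Maximum size in bytes of request data (excluding file uploads) that will be
# read before a SuspiciousOperation (RequestDataTooBig) is raised.
DATA_UPLOAD_MAX_MEMORY_SIZE = 2621440  # i.e. 2.5 MB

# Maximum number of GET/POST parameters that will be read before a
# SuspiciousOperation (TooManyFieldsSent) is raised.
DATA_UPLOAD_MAX_NUMBER_FIELDS = 1000

# Maximum number of files encoded in a multipart upload that will be read
# before a SuspiciousOperation (TooManyFilesSent) is raised.
DATA_UPLOAD_MAX_NUMBER_FILES = 100

# Directory in which upload streamed files will be temporarily saved. A value of
# `None` will make Plain use the operating system's default temporary directory
# (i.e. "/tmp" on *nix systems).
#
# On a shared host the OS temp directory is visible to other local users;
# a directory owned by the app's own account is the safer choice there.
FILE_UPLOAD_TEMP_DIR = None

# User-defined overrides for error views by status code
# NOTE(review): `dict[int]` names only the key type. The value type (a view
# class? a dotted path?) is not visible in this module -- confirm it and
# complete the annotation.
HTTP_ERROR_VIEWS: dict[int] = {}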
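##############
# MIDDLEWARE #
##############

# List of middleware to use. Order is important; in the request phase, these
# middleware will be applied in the order given, and in the response
# phase the middleware will be applied in reverse order.
#
# Because of that ordering, a middleware that enforces a security decision
# only covers the entries listed after it on the way in.
MIDDLEWARE: list[str] = []

###########
# SIGNING #
###########

# Dotted path of the signer used for signed cookies (going by the setting
# name). NOTE(review): a replacement backend takes over the integrity
# guarantee of every signed cookie -- confirm it keys off SECRET_KEY and
# rejects stale values the way the default does.
COOKIE_SIGNING_BACKEND = "plain.signing.TimestampSigner"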
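########
# CSRF #
########

# Settings for CSRF cookie.
CSRF_COOKIE_NAME = "csrftoken"
# Lifetime in seconds: 52 weeks (31,449,600 s).
CSRF_COOKIE_AGE = 60 * 60 * 24 * 7 * 52
CSRF_COOKIE_DOMAIN = None
CSRF_COOKIE_PATH = "/"
# Secure by default: browsers will not send the cookie over plain HTTP.
CSRF_COOKIE_SECURE = True
# Not HttpOnly, so page scripts can read the cookie.
# NOTE(review): presumably so client code can copy the token into the header
# named by CSRF_HEADER_NAME -- confirm. Any script running on the page,
# injected ones included, can read it as well.
CSRF_COOKIE_HTTPONLY = False
CSRF_COOKIE_SAMESITE = "Lax"
# NOTE(review): looks like the WSGI-environ spelling of an "X-CSRFToken"
# request header -- confirm against the code that reads it.
CSRF_HEADER_NAME = "HTTP_X_CSRFTOKEN"
# Each entry here widens the set of origins allowed to pass the CSRF origin
# check. Keep entries exact and few.
# NOTE(review): the expected entry format is not visible in this module.
CSRF_TRUSTED_ORIGINS: list[str] = []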
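###########
# LOGGING #
###########

# Custom logging configuration.
LOGGING = {}

###############
# ASSETS      #
###############

# Whether to redirect the original asset path to the fingerprinted path.
ASSETS_REDIRECT_ORIGINAL = True

# If assets are served by a CDN, use this URL to prefix asset paths.
# Ex. "https://cdn.example.com/assets/"
#
# Scripts and styles loaded from this origin run with the page's privileges,
# so point it only at an origin you control, and remember to allow it in any
# Content-Security-Policy the project sends.
ASSETS_BASE_URL: str = ""

####################
# PREFLIGHT CHECKS #
####################

# List of all issues generated by system checks that should be silenced. Light
# issues like warnings, infos or debugs will not generate a message. Silencing
# serious issues like errors and criticals does not result in hiding the
# message, but Plain will not stop you from e.g. running server.
#
# A silenced warning produces no output at all, so review this list whenever
# it changes: a security-related check can be muted here without any trace at
# start-up.
SILENCED_PREFLIGHT_CHECKS = []

#############
# Templates #
#############

# Dotted paths of the Jinja loader class and of the factory that builds the
# template environment.
# NOTE(review): whether HTML autoescaping is on is decided by the environment
# factory, which is not visible here. A project that swaps in its own factory
# should confirm that autoescaping stays enabled.
JINJA_LOADER = "jinja2.loaders.FileSystemLoader"
JINJA_ENVIRONMENT = "plain.templates.jinja.defaults.create_default_environment"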