From 45570580839ce2e4e4674b42375dbc1300f91f14 Mon Sep 17 00:00:00 2001
From: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Thu, 1 Mar 2012 21:38:45 +0000
Subject: [PATCH] Fixed #17800 -- Prevented Django from starting without a
 SECRET_KEY, since that opens a variety of security problems. Thanks PaulM for
 the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17611 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/conf/__init__.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/django/conf/__init__.py b/django/conf/__init__.py
index 97f26e9aa3..c887890a0c 100644
--- a/django/conf/__init__.py
+++ b/django/conf/__init__.py
@@ -106,6 +106,9 @@ class Settings(BaseSettings):
                     setting_value = (setting_value,) # In case the user forgot the comma.
                 setattr(self, setting, setting_value)
 
+        if not self.SECRET_KEY:
+            raise ValueError("The SECRET_KEY setting mustn't be empty.")
+
         if hasattr(time, 'tzset') and self.TIME_ZONE:
             # When we can, attempt to validate the timezone. If we can't find
             # this file, no check happens and it's harmless.