Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Escaped Dollar sign ($) in string environment variables not getting cleaned after import

See original GitHub issue

Hi People,

I’ve encountered an issue while setting the EMAIL_HOST_PASSWORD environment variable.

If you have Dollar sign $ in the beginning of your env variable string django-environ treats it as another environment variable (nested variable): .env file:

EMAIL_HOST_PASSWORD='$my_password_including_$_sign_in_the_beginning'

settings.py

EMAIL_HOST_PASSWORD = env.str('EMAIL_HOST_PASSWORD')

This configuration raises:

django.core.exceptions.ImproperlyConfigured: Set the my_password_including_$_sign_in_the_beginning environment variable

which as you can see omitted the first $ sign.

Now if we try to escape the $ character with a backslash and change our .env file to this:

EMAIL_HOST_PASSWORD='\$my_password_including_$_sign_in_the_beginning'

django-environ escapes the backslash instead of the dollar sign $ and we end up with something like this:

>>> from django.conf import settings
>>> settings.EMAIL_HOST_PASSWORD
'\\$my_password_including_$_sign_in_the_beginning'

Which breaks our configurations and settings.

This is my proposal which if is agreed on I’ll make a pull request:

# Current string reader function
def str(self, var, default=NOTSET, multiline=False):
    """
    :rtype: str
    """
    value = self.get_value(var, default=default)
    if multiline:
        return value.replace('\\n', '\n')
    return value


# My proposal for string function, which we can use escape=True while passing env variables that have such characters
def str(self, var, default=NOTSET, multiline=False, escape=False):
    """
    :rtype: str
    """
    value = self.get_value(var, default=default)
    if multiline:
        return value.replace('\\n', '\n')
    if escape:
        return value.replace('\$', '$')
    return value

Issue Analytics

State:
Created 3 years ago
Reactions:10
Comments:12 (1 by maintainers)

Top GitHub Comments

2reactions

fdemmercommented, Oct 20, 2021

I’l sort out with this ASAP.

Looking forward to a release, that supports completely disabling proxy/interpolation (or at least using only ${VAR} format). I personally don’t need it at all and it generally adds complexity that leads to bugs as documented by the numerous issues reporting problems.

Thank you for your work on all those recent updates @sergeyklay !

1reaction

salaxiebcommented, Jul 22, 2022

Hi everyone following helped me: with my pas$word using double $

export PASSWORD='pas$$word'

Top Results From Across the Web

Escape dollar sign ($) in Java Manifold String templates ...

Obviously, this is Manifold String templates trying to find a variable named $HIS, which is not defined in scope. So, I need to...

Dollar sign in environment variable's value - Ask Ubuntu

To do that you would need to escape the $ , either with a backslash just before it, or single quotes around it....

Appendix A. Construction Variables - SCons

In this appendix, we have appended the initial $ (dollar sign) to the beginning of each variable name when it appears in the...

Use environment variables | Cloud Run Documentation

When you set environment variables, they are injected into the container and are accessible to your code. Environment variables are set as key/value...

docker escape dollar sign | The AI Search Engine You Control

However, Docker will only expand build arguments and environment variables defined inside the Dockerfile, not values from the external environment or ...