CRITICAL: fallback to MEDIA_ROOT should be clearly documented to prevent leaking the source folder #65

@olivierdalang

Hey! First, thanks for the package.

Using this package, I wasn't aware that the library falls back to serving from the regular filesystem MEDIA_ROOT if there is no hit in the database. Indeed, if you read through the README carefully, you get it, but it's not obvious from the library's scope.

Since I was expecting to not use the MEDIA_ROOT whatsoever, I didn't put that in my settings.py, so it uses Django's default, which is "".

Results: django-binary-database-files default endpoint happily leaks my source folder!!

I think the library should throw an Exception if MEDIA_ROOT isn't explicitly set (arguably, Django should include such a warning out of the box), and this should be more clearly documented.

I may be able to work on a fix if you're taking in PRs
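
A startup guard of the kind the issue asks for, as an added example that is not part of the original issue or the package's code. The names `MediaRootError`, `effective_media_dir` and `validate_media_root` are hypothetical, and `base_dir` is assumed to be the project source directory (`BASE_DIR` in a default Django project). It shows why an empty MEDIA_ROOT resolves to the working directory and rejects that case, along with a MEDIA_ROOT that contains the source folder.

```python
import os
from pathlib import Path


class MediaRootError(Exception):
    """Raised when MEDIA_ROOT would expose the project source tree."""


def effective_media_dir(media_root):
    # An empty or relative path is resolved against the process working
    # directory, so "" (Django's default MEDIA_ROOT) becomes the CWD itself.
    return Path(os.path.abspath(media_root))


def validate_media_root(media_root, base_dir):
    """Return the resolved media directory or raise MediaRootError.

    media_root: the value of settings.MEDIA_ROOT.
    base_dir:   the project source directory (assumption: settings.BASE_DIR).
    """
    if not media_root:
        raise MediaRootError(
            "MEDIA_ROOT is not set; the filesystem fallback would resolve to "
            f"the working directory {os.getcwd()!r}"
        )
    media_dir = effective_media_dir(media_root)
    source_dir = Path(os.path.abspath(base_dir))
    # A media directory equal to the source folder, or one of its parents,
    # makes every source file reachable through the file-serving endpoint.
    if media_dir == source_dir or media_dir in source_dir.parents:
        raise MediaRootError(
            f"MEDIA_ROOT {str(media_dir)!r} contains the source folder "
            f"{str(source_dir)!r}"
        )
    return media_dir
```

Calling `validate_media_root(settings.MEDIA_ROOT, settings.BASE_DIR)` from an `AppConfig.ready()` hook makes a missing setting fail at startup instead of at the first request.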
