Update django-secret-key.yaml

http/exposures/files/django-secret-key.yaml

@@ -7,20 +7,15 @@ info:
   description: The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file.
   reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
   metadata:
-    max-request: 6
+    max-request: 7
     verified: true
     shodan-query: html:settings.py
+    comments: 'We download the manage.py file to check whether it contains line such as: `os.environ.setdefault("DJANGO_SETTINGS_MODULE", "APP_NAME.settings")` if it does, we extract the APP_NAME to know in what folder to look for the settings.py file.'
   tags: django,exposure,files
 
 http:
   - method: GET
     path:
-      # We download the manage.py file to check whether it contains line such as:
-      #
-      #   os.environ.setdefault("DJANGO_SETTINGS_MODULE", "APP_NAME.settings")
-      #
-      # if it does, we extract the APP_NAME to know in what folder to look for the settings.py file.
-
       - "{{BaseURL}}/manage.py"
       - "{{BaseURL}}/settings.py"
       - "{{BaseURL}}/app/settings.py"
@@ -29,11 +24,9 @@ http:
       - "{{BaseURL}}/web/settings/settings.py"
       - "{{BaseURL}}/{{app_name}}/settings.py"
 
-
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-
       - type: word
         part: body
         words:
@@ -55,6 +48,7 @@ http:
         group: 1
         regex:
           - '"DJANGO_SECRET_KEY", "(.*)"'
+
       - type: regex
         part: body
         internal: true