Prevent people from setting STATIC_PATHS to a str

Previously you could accidentally set for example site/css and pelican would iterate through the string and attempt to copy '/' into your output.

pelican/settings.py

@@ -234,4 +234,14 @@ def configure_settings(settings):
         settings['FILENAME_METADATA'] = (
                 _DEFAULT_CONFIG['FILENAME_METADATA'])
 
+    # Save people from accidentally setting site/css vs [site/css]
+    path_keys = ['STATIC_PATHS', 'THEME_STATIC_PATHS']
+    for PATH_KEY in filter(lambda k: k in settings, path_keys):
+            if isinstance(settings[PATH_KEY], six.string_types):
+                logger.warn("Detected misconfiguration with %s setting (must "
+                        "be a list of paths), falling back to the default"
+                        % PATH_KEY)
+                settings[PATH_KEY] = \
+                        _DEFAULT_CONFIG[PATH_KEY]
+
     return settings

pelican/tests/test_settings.py

@@ -57,6 +57,22 @@ class TestSettingsConfiguration(unittest.TestCase):
         settings['SITENAME'] = 'Not a Pelican Blog'
         self.assertNotEqual(settings['SITENAME'], _DEFAULT_CONFIG['SITENAME'])
 
+    def test_path_settings_safety(self):
+        """Don't let people setting the static path listings to strs"""
+        settings = {'STATIC_PATHS': 'foo/bar',
+                'THEME_STATIC_PATHS': 'bar/baz',
+                # These 4 settings are required to run configure_settings
+                'PATH': '.',
+                'THEME': DEFAULT_THEME,
+                'SITEURL': 'http://blog.notmyidea.org/',
+                'LOCALE': '',
+                }
+        configure_settings(settings)
+        self.assertEqual(settings['STATIC_PATHS'],
+                _DEFAULT_CONFIG['STATIC_PATHS'])
+        self.assertEqual(settings['THEME_STATIC_PATHS'],
+                _DEFAULT_CONFIG['THEME_STATIC_PATHS'])
+
     def test_configure_settings(self):
         #Manipulations to settings should be applied correctly.