Email error reports sent from Django (when DEBUG=False) include information about parent domain cookies, which may contain personal data. This may create issues related to the GDPR (the European General Data Protection Regulation), as one can't control the cookies from services hosted on parent domain(s), while it is necessary to provide full information about personal data handling to the user with the possibility to delete the data on request.
In short words, to be GDPR-compliant, we should be able to exclude potentially risky data from the error reports. I created a ticket <https://code.djangoproject.com/ticket/29714> in the Django bugtracker about introducing an option to hide cookies in error reports. It was pointed out to me, that it's possible to implement a custom "SafeExceptionReporterFilter", but i still think that the situation with the cookies should be clarified somehow explicitly in the "HowTo" section dedicated to error reporting. There is already a topic related to GDPR: https://groups.google.com/forum/#!topic/django-developers/Xhg-0JeDN50/discussion, but so far there hasn't been any discussion going on there. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/ef2ed833-2512-4105-9de4-77d33bc6c823%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.