#31604: Should SafeExceptionReporterFilter cleanse setting keys whose name 
"URL" in part, too?
     Reporter:  Sebastian Pipping  |                    Owner:  (none)
         Type:  Uncategorized      |                   Status:  closed
    Component:  Error reporting    |                  Version:  master
     Severity:  Normal             |               Resolution:  wontfix
     Keywords:                     |             Triage Stage:  Unreviewed
    Has patch:  0                  |      Needs documentation:  0
  Needs tests:  0                  |  Patch needs improvement:  0
Easy pickings:  0                  |                    UI/UX:  0
Changes (by Carlton Gibson):

 * status:  new => closed
 * resolution:   => wontfix


 Hi. Thanks for the report.

 I think the idea is precisely that after #23004 you customise this for
 your own project. The underlying issue is that there are any number of
 possible customisations that would be appropriate for some given project,
 and it's simply not feasible to keep adding them all.

 In this particular case, the additional benefit to parsing sensitive URLs
 (vs simply filtering them entirely in a subclass) doesn't seem worth the
 complexity. (Given that URLs end up in log files, which is out-of-scope
 for Django, we see complaints if sensitive values get used in URLs at all,
 so I'm half-inclined towards thinking the issue here lies elsewhere.)

 I hope that makes sense.

Ticket URL: <https://code.djangoproject.com/ticket/31604#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 

Reply via email to