#31942: SafeExceptionReporterFilter does not recurse into dictionaries with non-
string keys
-------------------------------------------+------------------------
Reporter: Jeremy Lainé | Owner: (none)
Type: Uncategorized | Status: new
Component: Error reporting | Version: 3.1
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------------+------------------------
SafeExceptionReporterFilter has provisions for recursively cleaning
settings by descending into lists / tuples / dictionaries - which is
great! However, recursing on dictionaries only works if the keys of the
dictionary are strings.
For instance it will fail to sanitize the following example:
`SOME_SETTING = {1: {'login': 'cooper', 'password': 'secret'}}`
The reason for this is that `cleanse_setting` starts by trying to apply a
the `hidden_settings` regex to the key before attempting to recurse into
the value:
https://github.com/django/django/blob/0b0658111cba538b91072b9a133fd5545f3f46d1/django/views/debug.py#L94
--
Ticket URL: <https://code.djangoproject.com/ticket/31942>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/049.eaac1ac2373788b33f9245e215da9abc%40djangoproject.com.
