Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 2066 by DEBUG output should be disabled by default

* NOTE: Do not post confidential information in this bug report. *
*       If you need immediate support, please contact            *
*                             *

What version are you running?


What's the URL of the page containing the problem?

Please provide any additional information below.

A user of our reviewboard instance was presented a django exception when he uploaded a broken diff. He states, that this debug output should not be disabled on production sites. (i.e. in the reviewboard release)

He wrote:

I'm reopenning because I am not sure if you will get the notification otherwise
(which means feel free to close it again :) )

I have some django experience. This debug output is useless for people that are
not maintainers of the web application. Those messages can be mailed to the
maintainer or logged somewhere. Furthermore, according to django docs [1]
having that enabled is a security leak, as it provides detailed info about the
system and various other data that should be hidden to non-admins.

But that is not the reason I filled the bug. The problem is that I managed to
crash the reviewboard instance (I provide steps to reproduce). This is not
something you can fix though, it should be fixed by upstream, but I kindly
request you to do it for me, as it may be related to your configuration (eg
python/django version).

BTW I want to point out that the specific patch was sent by mail to the
kaffeine maintainers, so there is no rush from my point for it. Even if you
don't want to deal with this bug, that is totally acceptable too.


Can you confirm this? It might be better to set DEBUG = False in in the release?

Best Regards,


You received this message because you are subscribed to the Google Groups 
"reviewboard-issues" group.
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

Reply via email to