Re: Preventing the leaking of sensitive information in error logs

Many thanks to all for the feedback. I've just posted a new patch, welcoming any further feedback: https://code.djangoproject.com/attachment/ticket/14614/14614.exception-reporter-filter.diff Regards, Julien -- You received this message because you are subscribed to the Google Groups "Django

Re: Preventing the leaking of sensitive information in error logs

On Jun 2, 3:33 pm, Luke Plant wrote: > On 02/06/11 19:45, Michael Manfre wrote: > > On Jun 1, 5:53 am, Luke Plant wrote: > >> Would it possible to make the sensitive decorator add some kind of > >> strategy object to the request, which itself is

Re: Preventing the leaking of sensitive information in error logs

On Jun 1, 7:53 pm, Luke Plant wrote: > Would it possible to make the sensitive decorator add some kind of > strategy object to the request, which itself is responsible for the > filtering, rather than a simple boolean flag? The GET/POST parameters appearing in the error

Re: Preventing the leaking of sensitive information in error logs

On 02/06/11 19:45, Michael Manfre wrote: > > > On Jun 1, 5:53 am, Luke Plant wrote: >> Would it possible to make the sensitive decorator add some kind of >> strategy object to the request, which itself is responsible for the >> filtering, rather than a simple boolean

Re: Preventing the leaking of sensitive information in error logs

On Jun 1, 5:53 am, Luke Plant wrote: > Would it possible to make the sensitive decorator add some kind of > strategy object to the request, which itself is responsible for the > filtering, rather than a simple boolean flag? The strategy object > interface might be: > >

Re: Preventing the leaking of sensitive information in error logs

On 29/05/11 05:22, Julien Phalip wrote: > Recently I've been a bit embarrassed to receive a 500-error email > report containing a client of mine's password displayed in clear > because the admin login view had encountered an unhandled exception. > This is probably OK in a debug environment but in

Re: Preventing the leaking of sensitive information in error logs

On Sun, 29 May 2011 15:57:34 +0300, Fraser Nevett wrote: On May 29, 5:22 am, Julien Phalip wrote: As a side thought, if this functionality does get implemented, would it be feasible/desirable to have Django emit a warning to encourage the developer to

Re: Preventing the leaking of sensitive information in error logs

On May 29, 5:22 am, Julien Phalip wrote: > I'm bringing this up to the dev-list as I'm keen to hear if someone is > interested in this problem and has suggestions towards a robust > solution. It is a pretty serious issue that I hope can be resolved by > the 1.4 release. For