... either I'm missing something, or this is so much noise... If you code defensively, and use a debuging environment for both development, and to inspect tickets, what would this give you that you need and don't have? Anyway, in 2 years w/ web2py (and too many to count elsewhere) I have never been compelled for this (in compiled code, perhaps...)
On Sun, Sep 13, 2009 at 5:22 PM, Thadeus Burgess <[email protected]>wrote: > It is quite difficult, and damn near impossible to debug something that is > throwing an error when you don't know what inside the variable is causing > the error. (such as the httplib response from a external server) > > I understand where you are comming on from a security standpoint, however > there is no way you could stop a developer from going mail_to(' > [email protected]', request.vars.username, request.vars.password) > > Django displays large variables, and if they are something like a > dictionary, there is even an add-on module that will do tree-view folding of > your variables. > > Perhaps there should be another level above Administrator, such as > Developer, only "Developers" can gain access to the variable trace, and > "Administrators" would only get to see a stack trace, or just be notified > that there was an error. > > And just as web2py will disallow admin access when its in a production > environment, it could set DEBUG=False if its not running on localhost ? > > -Thadeus > > > On Sun, Sep 13, 2009 at 2:09 PM, weheh <[email protected]> wrote: > >> >> I think this is a useful suggestion. If the developer sets DEBUG=False >> then there should be no variable trace. DEBUG=False should be the >> default. If the developer sets DEBUG=True and forgets that in the >> production version, well, caveat emptor. >> >> On Sep 13, 2:21 pm, mdipierro <[email protected]> wrote: >> > I understand. from a technical point of view this would be easy to add >> > but there are two problems: >> > 1) some variables may be very large and this would make tickets very >> > big. How does Django handle it? Does it ignore large variables? >> > 2) some of he variables may contain user information that >> > administrator should not get access to (for example >> > request.vars.password). There may be privacy issues in logging vars >> > into tickets. If this were the default it would make web2py non- >> > complaint with privacy standard whatever your application does. >> > >> > Any idea? >> > >> > Massimo >> > >> > On Sep 13, 1:11 pm, Thadeus Burgess <[email protected]> wrote: >> > >> > > When django runs into an error, it gives you the values of all >> variables >> > > during the stack track, when you have debug = True. >> > >> > > Example: (You get code snippet, and all local variables at that >> snippet.) >> > > Traceback Switch to copy-and-paste view< >> http://aichronicles.com/projects/tag/#> >> > >> > > - >> > > >> >> /home/thadeusb/.myroot/usr/lib/python2.5/site-packages/django/core/handlers/base.pyin >> > > get_response >> > > 1. >> > > 2. # Complain if the view returned None (a common error). >> > > 3. if response is None: >> > > 4. try: >> > > 5. view_name = callback.func_name # If it's a function >> > > 6. except AttributeError: >> > > 7. view_name = callback.__class__.__name__ + '.__call__' # If >> it's a >> > > class >> > > 1. raise ValueError, "The view %s.%s didn't return an HttpResponse >> > > object." % (callback.__module__, view_name) ... >> > > 1. >> > > 2. return response >> > > 3. except http.Http404, e: >> > > 4. if settings.DEBUG: >> > > 5. from django.views import debug >> > > 6. return debug.technical_404_response(request, e) >> > > ▼ Local vars <http://aichronicles.com/projects/tag/#> >> > > Variable Value callback <function tag at 0xb4f8fb1c> >> > > callback_args () >> > > callback_kwargs {'url': u''} >> > > exc_info (<type 'exceptions.ValueError'>, ValueError("The view >> > > thadeusb.project.views.tag didn't return an HttpResponse >> object.",), >> > > <traceback object at 0xb4f3a784>) >> > > exceptions <module 'django.core.exceptions' from >> > > >> >> '/home/thadeusb/.myroot/usr/lib/python2.5/site-packages/django/core/exceptions.pyc'> >> > > middleware_method <bound method >> AuthenticationMiddleware.process_request >> > > of <django.contrib.auth.middleware.AuthenticationMiddleware object >> at >> > > 0xb524c1cc>> >> > > receivers [(<function _rollback_on_exception at 0xb5168b54>, >> None)] >> > > request <WSGIRequest GET:<QueryDict: {}>, POST:<QueryDict: {}>, >> > > COOKIES:{'sessionid': '00d386b0d7c15244e89f9d38ffcb588f'}, >> META:{'DH_USER': >> > > 'thadeusb', 'DOCUMENT_ROOT': '/home/thadeusb/sites/ >> aichronicles.com', >> > > 'GATEWAY_INTERFACE': 'CGI/1.1', 'HTTP_ACCEPT': >> > > 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', >> > > 'HTTP_ACCEPT_CHARSET': 'ISO-8859-1,utf-8;q=0.7,*;q=0.7', >> > > 'HTTP_ACCEPT_ENCODING': 'gzip,deflate', 'HTTP_ACCEPT_LANGUAGE': >> > > 'en-us,en;q=0.5', 'HTTP_CONNECTION': 'keep-alive', 'HTTP_COOKIE': >> > > 'sessionid=00d386b0d7c15244e89f9d38ffcb588f', 'HTTP_HOST': ' >> > > aichronicles.com', 'HTTP_KEEP_ALIVE': '300', 'HTTP_REFERER': ' >> > > http://aichronicles.com/projects/', 'HTTP_USER_AGENT': >> 'Mozilla/5.0 (X11; >> > > U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090804 Firefox/3.5.2', >> 'PATH': >> > > '/bin:/usr/bin:/sbin:/usr/sbin', 'PATH_INFO': u'/projects/tag/', >> > > 'PATH_TRANSLATED': '/home/thadeusb/sites/ >> aichronicles.com/projects/tag/', >> > > 'QUERY_STRING': '', 'REDIRECT_DH_USER': 'thadeusb', >> 'REDIRECT_SCRIPT_URI': ' >> > > http://aichronicles.com/projects/tag/', 'REDIRECT_SCRIPT_URL': >> > > '/projects/tag/', 'REDIRECT_STATUS': '200', 'REDIRECT_UNIQUE_ID': >> > > 'a6gLAtBxlNEAAEvNPEQAAAAD', 'REDIRECT_URL': '/projects/tag/', >> > > 'REDIRECT_ds_id_9498040': '', 'REDIRECT_dsid': '9498040', >> 'REMOTE_ADDR': >> > > '75.27.133.239', 'REMOTE_PORT': '49955', 'REQUEST_METHOD': 'GET', >> > > 'REQUEST_URI': '/projects/tag/', 'SCRIPT_FILENAME': >> '/home/thadeusb/sites/ >> > > aichronicles.com/dispatch.fcgi', 'SCRIPT_NAME': u'', 'SCRIPT_URI': >> ' >> > > http://aichronicles.com/projects/tag/', 'SCRIPT_URL': >> '/projects/tag/', >> > > 'SERVER_ADDR': '208.113.148.201', 'SERVER_ADMIN': ' >> > > [email protected]', 'SERVER_NAME': 'aichronicles.com', >> > > 'SERVER_PORT': '80', 'SERVER_PROTOCOL': 'HTTP/1.1', >> 'SERVER_SIGNATURE': '', >> > > 'SERVER_SOFTWARE': 'Apache', 'UNIQUE_ID': >> 'a6gLAtBxlNEAAEvNPEQAAAAD', >> > > 'ds_id_9498040': '', 'dsid': '9498040', 'wsgi.errors': >> > > <flup.server.fcgi_base.OutputStream object at 0xb4f386ec>, >> 'wsgi.input': >> > > <flup.server.fcgi_base.InputStream object at 0xb4f3856c>, >> > > 'wsgi.multiprocess': False, 'wsgi.multithread': True, >> 'wsgi.run_once': >> > > False, 'wsgi.url_scheme': 'http', 'wsgi.version': (1, 0)}> >> > > resolver <RegexURLResolver thadeusb.urls ^/> >> > > response None >> > > self <django.core.handlers.wsgi.WSGIHandler object at 0xb7c0ac0c> >> > > settings <django.conf.LazySettings object at 0xb7b5eb2c> >> > > urlconf 'thadeusb.urls' >> > > urlresolvers <module 'django.core.urlresolvers' from >> > > >> >> '/home/thadeusb/.myroot/usr/lib/python2.5/site-packages/django/core/urlresolvers.pyc'> >> > > view_name 'tag' >> > >> > > Environment: Request Method: GET Request URL: >> http://aichronicles.com/projects/tag/DjangoVersion: 1.0.2 final Python >> > > Version: 2.5.2 Installed Applications: ['django.contrib.auth', >> > > 'django.contrib.contenttypes', 'django.contrib.sessions', >> > > 'django.contrib.sites', 'django.contrib.admin', >> 'django.contrib.comments', >> > > 'thadeusb.common', 'thadeusb.pages', 'thadeusb.blog', >> 'thadeusb.search', >> > > 'thadeusb.project'] Installed Middleware: >> > > ('django.middleware.common.CommonMiddleware', >> > > 'django.contrib.sessions.middleware.SessionMiddleware', >> > > 'django.contrib.auth.middleware.AuthenticationMiddleware', >> > > 'thadeusb.pages.middleware.FlatpageFallbackMiddleware') Traceback: >> File >> > > >> "/home/thadeusb/.myroot/usr/lib/python2.5/site-packages/django/core/handlers/base.py" >> > > in get_response 103. raise ValueError, "The view %s.%s didn't return >> an >> > > HttpResponse object." % (callback.__module__, view_name) Exception >> Type: >> > > ValueError at /projects/tag/ Exception Value: The view >> > > thadeusb.project.views.tag didn't return an HttpResponse object. >> > >> > > Request information GET >> > >> > > No GET data >> > > POST >> > >> > > No POST data >> > > COOKIES Variable Value sessionid '00d386b0d7c15244e89f9d38ffcb588f' >> > > META Variable Value DH_USER >> > > DOCUMENT_ROOT >> > > GATEWAY_INTERFACE 'CGI/1.1' >> > > HTTP_ACCEPT >> > > 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' >> > > HTTP_ACCEPT_CHARSET 'ISO-8859-1,utf-8;q=0.7,*;q=0.7' >> > > HTTP_ACCEPT_ENCODING 'gzip,deflate' >> > > HTTP_ACCEPT_LANGUAGE 'en-us,en;q=0.5' >> > > HTTP_CONNECTION 'keep-alive' >> > > HTTP_COOKIE 'sessionid=00d386b0d7c15244e89f9d38ffcb588f' >> > > HTTP_HOST >> > > HTTP_KEEP_ALIVE >> > > HTTP_REFERER >> > > HTTP_USER_AGENT 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) >> > > Gecko/20090804 Firefox/3.5.2' >> > > PATH >> > > PATH_INFO >> > > PATH_TRANSLATED >> > > QUERY_STRING >> > > REDIRECT_DH_USER >> > > REDIRECT_SCRIPT_URI >> > > REDIRECT_SCRIPT_URL '/projects/tag/' >> > > REDIRECT_STATUS '200' >> > > REDIRECT_UNIQUE_ID >> > > REDIRECT_URL '/projects/tag/' >> > > REDIRECT_ds_id_9498040 '' >> > > REDIRECT_dsid >> > > REMOTE_ADDR >> > > REMOTE_PORT >> > > REQUEST_METHOD 'GET' >> > > REQUEST_URI '/projects/tag/' >> > > SCRIPT_FILENAME >> > > SCRIPT_NAME >> > > SCRIPT_URI >> > > SCRIPT_URL '/projects/tag/' >> > > SERVER_ADDR >> > > SERVER_ADMIN >> > > SERVER_NAME >> > > SERVER_PORT >> > > SERVER_PROTOCOL >> > > SERVER_SIGNATURE >> > > SERVER_SOFTWARE >> > > UNIQUE_ID >> > > ds_id_9498040 >> > > dsid >> > > wsgi.errors >> > > wsgi.input >> > > wsgi.multiprocess >> > > wsgi.multithread >> > > wsgi.run_once >> > > wsgi.url_scheme >> > > wsgi.version >> > >> > > On Sun, Sep 13, 2009 at 10:04 AM, mdipierro <[email protected]> >> wrote: >> > > > re I understand. Did you look into the python trac >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
