#19866: SuspiciousOperation should not be answered with HTTP 500 ---------------------------------+------------------------------------ Reporter: tiwoc | Owner: ptone Type: Bug | Status: assigned Component: HTTP handling | Version: master Severity: Release blocker | Resolution: Keywords: | Triage Stage: Accepted Has patch: 1 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 ---------------------------------+------------------------------------
Comment (by ptone): One of the problematic things about the use of SuspiciousOperation, is that there is no way to get any specificity of event types. If you care about some more than others, it you're stuck with parsing strings. Since we only raise this exception in relatively few places (I think I count 8), one idea would be to subclass SuspiciousOperation for each case, and have the logger put in e.__name__ at the beginning of the message, so there would at least be that. If we accept Alex's premise that logging should be bifurcated, into mild or oh-crap, which should SuspiciousOperation be. My inclination is to log SuspiciousOperation events as info/warning (I'd group those all below Error) and have people configure logging as needed. This does result in a change in behavior that should be strongly called out in the release notes, as any suspicious operations in <=1.5 would be logged to monitoring tools that watch for 500s (ie sentry) and if we introduce a 400 response path that handles these exceptions, a new shim like the 404 middleware for raven will be needed to deliver these to sentry as well. -- Ticket URL: <https://code.djangoproject.com/ticket/19866#comment:23> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To post to this group, send email to django-updates@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.