Re: [Django] #19866: SuspiciousOperation should not be answered with HTTP 500

Thu, 09 May 2013 16:02:24 -0700 

#19866: SuspiciousOperation should not be answered with HTTP 500
---------------------------------+------------------------------------
     Reporter:  tiwoc            |                    Owner:  ptone
         Type:  Bug              |                   Status:  assigned
    Component:  HTTP handling    |                  Version:  master
     Severity:  Release blocker  |               Resolution:
     Keywords:                   |             Triage Stage:  Accepted
    Has patch:  1                |      Needs documentation:  0
  Needs tests:  0                |  Patch needs improvement:  0
Easy pickings:  0                |                    UI/UX:  0
---------------------------------+------------------------------------

Comment (by ptone):

 One of the problematic things about the use of SuspiciousOperation, is
 that there is no way to get any specificity of event types.  If you care
 about some more than others, it you're stuck with parsing strings.

 Since we only raise this exception in relatively few places (I think I
 count 8), one idea would be to subclass SuspiciousOperation for each case,
 and have the logger put in e.__name__ at the beginning of the message, so
 there would at least be that.

 If we accept Alex's premise that logging should be bifurcated, into mild
 or oh-crap, which should SuspiciousOperation be.

 My inclination is to log SuspiciousOperation events as info/warning (I'd
 group those all below Error) and have people configure logging as needed.

 This does result in a change in behavior that should be strongly called
 out in the release notes, as any  suspicious operations in <=1.5 would be
 logged to monitoring tools that watch for 500s (ie sentry) and if we
 introduce a 400 response path that handles these exceptions, a new shim
 like the 404 middleware for raven will be needed to deliver these to
 sentry as well.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/19866#comment:23>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to