#19866: SuspiciousOperation should not be answered with HTTP 500
---------------------------------+------------------------------------
Reporter: tiwoc | Owner: ptone
Type: Bug | Status: closed
Component: HTTP handling | Version: master
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by Preston Holmes <preston@…>):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"d228c1192ed59ab0114d9eba82ac99df611652d2"]:
{{{
#!CommitTicketReference repository=""
revision="d228c1192ed59ab0114d9eba82ac99df611652d2"
Fixed #19866 -- Added security logger and return 400 for
SuspiciousOperation.
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/19866#comment:29>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/063.ecb8eb0b8790bb410ddacf030fae6475%40djangoproject.com?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
