#14614: Dont send Request message when handle_uncaught_exception() ---------------------------------------+------------------------------ Reporter: oaylanc | Owner: julien Type: New feature | Status: new Milestone: | Component: Core (Other) Version: 1.2 | Severity: Normal Resolution: | Keywords: Triage Stage: Accepted | Has patch: 1 Needs documentation: 0 | Needs tests: 0 Patch needs improvement: 0 | Easy pickings: 0 ---------------------------------------+------------------------------
Comment (by lukeplant): Regarding get_request_repr - I think your previous method was better, because it is more robust in the case of `__repr__` on the other objects being altered, or an entirely different Request object being supplied. I wouldn't worry about the small amount of code duplication, we've got custom requirements so we are doing a custom thing. Regarding hiding all POST parameters for login - I think that's fine, as you say we can't anticipate what parameters might be provided, or whether they'll be sensitive or not. A few comments on the latest patch: * I'd promote `SafeExceptionReporterFilter._is_active` to `is_active` since the docstring says it is meant to be overridden. * The global 'default_exception_reporter_filter' should cache the instance, not the class. * Similarly, the 'exception_reporter_filter' attribute should be assumed to be an instance, not a class, and not be called. * And this feature should be documented in the 'Custom error reports' section. * In the docs you say "Your custom filter class needs to inherit from `django.views.debug.ExceptionReporterFilter` - perhaps you should suggest inheriting from `SafeExceptionReporterFilter` instead, but that it must satisfy the interface of `ExceptionReporterFilter`. Otherwise `@sensitive_*` are going to stop working if they don't reproduce the behaviour of `SafeExceptionReporterFilter`. -- Ticket URL: <https://code.djangoproject.com/ticket/14614#comment:15> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.