Re: [Django] #14614: Dont send Request message when handle_uncaught_exception()

Wed, 08 Jun 2011 03:06:06 -0700 

#14614: Dont send Request message when handle_uncaught_exception()
---------------------------------------+------------------------------
               Reporter:  oaylanc      |          Owner:  julien
                   Type:  New feature  |         Status:  new
              Milestone:               |      Component:  Core (Other)
                Version:  1.2          |       Severity:  Normal
             Resolution:               |       Keywords:
           Triage Stage:  Accepted     |      Has patch:  1
    Needs documentation:  0            |    Needs tests:  0
Patch needs improvement:  0            |  Easy pickings:  0
---------------------------------------+------------------------------

Comment (by lukeplant):

 Regarding get_request_repr - I think your previous method was better,
 because it is more robust in the case of `__repr__` on the other objects
 being altered, or an entirely different Request object being supplied. I
 wouldn't worry about the small amount of code duplication, we've got
 custom requirements so we are doing a custom thing.

 Regarding hiding all POST parameters for login - I think that's fine, as
 you say we can't anticipate what parameters might be provided, or whether
 they'll be sensitive or not.

 A few comments on the latest patch:

 * I'd promote `SafeExceptionReporterFilter._is_active` to `is_active`
 since the docstring says it is meant to be overridden.
 * The global 'default_exception_reporter_filter' should cache the
 instance, not the class.
 * Similarly, the 'exception_reporter_filter' attribute should be assumed
 to be an instance, not a class, and not be called.
   * And this feature should be documented in the 'Custom error reports'
 section.
 * In the docs you say "Your custom filter class needs to inherit from
 `django.views.debug.ExceptionReporterFilter` - perhaps you should suggest
 inheriting from `SafeExceptionReporterFilter` instead, but that it must
 satisfy the interface of `ExceptionReporterFilter`. Otherwise
 `@sensitive_*` are going to stop working if they don't reproduce the
 behaviour of `SafeExceptionReporterFilter`.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/14614#comment:15>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en.

Reply via email to