summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorJulien Phalip <jphalip@gmail.com>2012-12-31 09:34:08 -0800
committerJulien Phalip <jphalip@gmail.com>2012-12-31 09:51:13 -0800
commitdfd8623de4e225e33c334086ff4e2ccdfb07247f (patch)
tree318b722bb3212031bfd33f0fb6bba9ed6415210e /docs
parentfd1279a44df3b9a837453cd79fd0fbcf81bae39d (diff)
[1.5.x] Fixed #19453 -- Ensured that the decorated function's arguments are obfuscated in the @sensitive_variables decorator's frame, in case the variables associated with those arguments were meant to be obfuscated from the decorated function's frame.
Thanks to vzima for the report. Backport of 9180146d21cf2a31eec
Diffstat (limited to 'docs')
-rw-r--r--docs/howto/error-reporting.txt14
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/howto/error-reporting.txt b/docs/howto/error-reporting.txt
index 5fbe5eda59..dc51d76d82 100644
--- a/docs/howto/error-reporting.txt
+++ b/docs/howto/error-reporting.txt
@@ -163,6 +163,20 @@ production environment (that is, where :setting:`DEBUG` is set to ``False``):
def my_function():
...
+ .. admonition:: When using mutiple decorators
+
+ If the variable you want to hide is also a function argument (e.g.
+ '``user``' in the following example), and if the decorated function has
+ mutiple decorators, then make sure to place ``@sensible_variables`` at
+ the top of the decorator chain. This way it will also hide the function
+ argument as it gets passed through the other decorators::
+
+ @sensitive_variables('user', 'pw', 'cc')
+ @some_decorator
+ @another_decorator
+ def process_info(user):
+ ...
+
.. function:: sensitive_post_parameters(*parameters)
If one of your views receives an :class:`~django.http.HttpRequest` object