summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorCarlton Gibson <carlton.gibson@noumenal.es>2020-01-09 11:37:19 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2020-01-10 11:35:41 +0100
commite2d9d66a22f9004c0349f6aa9f8762fa558bdee8 (patch)
tree6066d3aab3769c16ff9a970b244d9154e5672189 /docs
parent581ba5a9486ed73cb81031d85b3ce1b27a960109 (diff)
Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter.
Co-authored-by: Ryan Castner <castner.rr@gmail.com>
Diffstat (limited to 'docs')
-rw-r--r--docs/howto/error-reporting.txt10
-rw-r--r--docs/releases/3.1.txt6
2 files changed, 11 insertions, 5 deletions
diff --git a/docs/howto/error-reporting.txt b/docs/howto/error-reporting.txt
index a4cb5d2a1a..e145897b2a 100644
--- a/docs/howto/error-reporting.txt
+++ b/docs/howto/error-reporting.txt
@@ -277,8 +277,9 @@ following attributes and methods:
.. versionadded:: 3.1
- A compiled regular expression object used to match settings considered
- as sensitive. By default equivalent to::
+ A compiled regular expression object used to match settings and
+ ``request.META`` values considered as sensitive. By default equivalent
+ to::
import re
@@ -289,8 +290,9 @@ following attributes and methods:
Returns ``True`` to activate the filtering in
:meth:`get_post_parameters` and :meth:`get_traceback_frame_variables`.
By default the filter is active if :setting:`DEBUG` is ``False``. Note
- that sensitive settings are always filtered, as described in the
- :setting:`DEBUG` documentation.
+ that sensitive ``request.META`` values are always filtered along with
+ sensitive setting values, as described in the :setting:`DEBUG`
+ documentation.
.. method:: get_post_parameters(request)
diff --git a/docs/releases/3.1.txt b/docs/releases/3.1.txt
index 48df0a0d66..29e5e22314 100644
--- a/docs/releases/3.1.txt
+++ b/docs/releases/3.1.txt
@@ -161,9 +161,13 @@ Email
Error Reporting
~~~~~~~~~~~~~~~
+* :class:`django.views.debug.SafeExceptionReporterFilter` now filters sensitive
+ values from ``request.META`` in exception reports.
+
* The new :attr:`.SafeExceptionReporterFilter.cleansed_substitute` and
:attr:`.SafeExceptionReporterFilter.hidden_settings` attributes allow
- customization of sensitive settings filtering in exception reports.
+ customization of sensitive settings and ``request.META`` filtering in
+ exception reports.
* The technical 404 debug view now respects
:setting:`DEFAULT_EXCEPTION_REPORTER_FILTER` when applying settings