Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter.

Co-authored-by: Ryan Castner <castner.rr@gmail.com>
author: Carlton Gibson <carlton.gibson@noumenal.es> 2020-01-09 11:37:19 +0100
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2020-01-10 11:35:41 +0100
commit: e2d9d66a22f9004c0349f6aa9f8762fa558bdee8 (patch)
tree: 6066d3aab3769c16ff9a970b244d9154e5672189 /django/views/debug.py
parent: 581ba5a9486ed73cb81031d85b3ce1b27a960109 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/django/views/debug.py b/django/views/debug.py
index 608282c232..ae2b68ab70 100644
--- a/django/views/debug.py
+++ b/django/views/debug.py
@@ -123,6 +123,14 @@ class SafeExceptionReporterFilter(ExceptionReporterFilter):
                 settings_dict[k] = self.cleanse_setting(k, getattr(settings, k))
         return settings_dict
 
+    def get_safe_request_meta(self, request):
+        """
+        Return a dictionary of request.META with sensitive values redacted.
+        """
+        if not hasattr(request, 'META'):
+            return {}
+        return {k: self.cleanse_setting(k, v) for k, v in request.META.items()}
+
     def is_active(self, request):
         """
         This filter is to add safety in production environments (i.e. DEBUG
@@ -296,6 +304,7 @@ class ExceptionReporter:
             'unicode_hint': unicode_hint,
             'frames': frames,
             'request': self.request,
+            'request_meta': self.filter.get_safe_request_meta(self.request),
             'user_str': user_str,
             'filtered_POST_items': list(self.filter.get_post_parameters(self.request).items()),
             'settings': self.filter.get_safe_settings(),
author	Carlton Gibson <carlton.gibson@noumenal.es>	2020-01-09 11:37:19 +0100
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2020-01-10 11:35:41 +0100
commit	e2d9d66a22f9004c0349f6aa9f8762fa558bdee8 (patch)
tree	6066d3aab3769c16ff9a970b244d9154e5672189 /django/views/debug.py
parent	581ba5a9486ed73cb81031d85b3ce1b27a960109 (diff)