diff options
| author | Carlton Gibson <carlton.gibson@noumenal.es> | 2020-01-09 10:00:07 +0100 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-01-10 11:21:23 +0100 |
| commit | 581ba5a9486ed73cb81031d85b3ce1b27a960109 (patch) | |
| tree | d53ba921ce27cf9f57802ab1e40bd5ace3522032 /docs/howto/error-reporting.txt | |
| parent | 5166097d7c80cab757e44f2d02f3d148fbbc2ff6 (diff) | |
Refs #23004 -- Allowed exception reporter filters to customize settings filtering.
Thanks to Tim Graham for the original implementation idea.
Co-authored-by: Daniel Maxson <dmaxson@ccpgames.com>
Diffstat (limited to 'docs/howto/error-reporting.txt')
| -rw-r--r-- | docs/howto/error-reporting.txt | 43 |
1 files changed, 32 insertions, 11 deletions
diff --git a/docs/howto/error-reporting.txt b/docs/howto/error-reporting.txt index 8521e01c61..a4cb5d2a1a 100644 --- a/docs/howto/error-reporting.txt +++ b/docs/howto/error-reporting.txt @@ -262,25 +262,46 @@ attribute:: Your custom filter class needs to inherit from :class:`django.views.debug.SafeExceptionReporterFilter` and may override the -following methods: +following attributes and methods: .. class:: SafeExceptionReporterFilter -.. method:: SafeExceptionReporterFilter.is_active(request) + .. attribute:: cleansed_substitute - Returns ``True`` to activate the filtering operated in the other methods. - By default the filter is active if :setting:`DEBUG` is ``False``. + .. versionadded:: 3.1 -.. method:: SafeExceptionReporterFilter.get_post_parameters(request) + The string value to replace sensitive value with. By default it + replaces the values of sensitive variables with stars (`**********`). - Returns the filtered dictionary of POST parameters. By default it replaces - the values of sensitive parameters with stars (`**********`). + .. attribute:: hidden_settings -.. method:: SafeExceptionReporterFilter.get_traceback_frame_variables(request, tb_frame) + .. versionadded:: 3.1 - Returns the filtered dictionary of local variables for the given traceback - frame. By default it replaces the values of sensitive variables with stars - (`**********`). + A compiled regular expression object used to match settings considered + as sensitive. By default equivalent to:: + + import re + + re.compile(r'API|TOKEN|KEY|SECRET|PASS|SIGNATURE', flags=re.IGNORECASE) + + .. method:: is_active(request) + + Returns ``True`` to activate the filtering in + :meth:`get_post_parameters` and :meth:`get_traceback_frame_variables`. + By default the filter is active if :setting:`DEBUG` is ``False``. Note + that sensitive settings are always filtered, as described in the + :setting:`DEBUG` documentation. + + .. method:: get_post_parameters(request) + + Returns the filtered dictionary of POST parameters. Sensitive values + are replaced with :attr:`cleansed_substitute`. + + .. method:: get_traceback_frame_variables(request, tb_frame) + + Returns the filtered dictionary of local variables for the given + traceback frame. Sensitive values are replaced with + :attr:`cleansed_substitute`. .. seealso:: |