diff options
| author | Julien Phalip <jphalip@gmail.com> | 2012-12-31 09:34:08 -0800 |
|---|---|---|
| committer | Julien Phalip <jphalip@gmail.com> | 2012-12-31 09:51:13 -0800 |
| commit | dfd8623de4e225e33c334086ff4e2ccdfb07247f (patch) | |
| tree | 318b722bb3212031bfd33f0fb6bba9ed6415210e /tests/regressiontests/views/views.py | |
| parent | fd1279a44df3b9a837453cd79fd0fbcf81bae39d (diff) | |
[1.5.x] Fixed #19453 -- Ensured that the decorated function's arguments are obfuscated in the @sensitive_variables decorator's frame, in case the variables associated with those arguments were meant to be obfuscated from the decorated function's frame.
Thanks to vzima for the report.
Backport of 9180146d21cf2a31eec
Diffstat (limited to 'tests/regressiontests/views/views.py')
| -rw-r--r-- | tests/regressiontests/views/views.py | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/tests/regressiontests/views/views.py b/tests/regressiontests/views/views.py index ed9d61144a..748f07637f 100644 --- a/tests/regressiontests/views/views.py +++ b/tests/regressiontests/views/views.py @@ -132,6 +132,7 @@ def send_log(request, exc_info): ][0] orig_filters = admin_email_handler.filters admin_email_handler.filters = [] + admin_email_handler.include_html = True logger.error('Internal Server Error: %s', request.path, exc_info=exc_info, extra={ @@ -184,6 +185,38 @@ def paranoid_view(request): send_log(request, exc_info) return technical_500_response(request, *exc_info) +def sensitive_args_function_caller(request): + try: + sensitive_args_function(''.join(['w', 'o', 'r', 'c', 'e', 's', 't', 'e', 'r', 's', 'h', 'i', 'r', 'e'])) + except Exception: + exc_info = sys.exc_info() + send_log(request, exc_info) + return technical_500_response(request, *exc_info) + +@sensitive_variables('sauce') +def sensitive_args_function(sauce): + # Do not just use plain strings for the variables' values in the code + # so that the tests don't return false positives when the function's source + # is displayed in the exception report. + cooked_eggs = ''.join(['s', 'c', 'r', 'a', 'm', 'b', 'l', 'e', 'd']) + raise Exception + +def sensitive_kwargs_function_caller(request): + try: + sensitive_kwargs_function(''.join(['w', 'o', 'r', 'c', 'e', 's', 't', 'e', 'r', 's', 'h', 'i', 'r', 'e'])) + except Exception: + exc_info = sys.exc_info() + send_log(request, exc_info) + return technical_500_response(request, *exc_info) + +@sensitive_variables('sauce') +def sensitive_kwargs_function(sauce=None): + # Do not just use plain strings for the variables' values in the code + # so that the tests don't return false positives when the function's source + # is displayed in the exception report. + cooked_eggs = ''.join(['s', 'c', 'r', 'a', 'm', 'b', 'l', 'e', 'd']) + raise Exception + class UnsafeExceptionReporterFilter(SafeExceptionReporterFilter): """ Ignores all the filtering done by its parent class. |