Geek Answers Handbook

Is it possible to use Django SafeExceptionReporterFilter with something other than AdminEmailHandler?

I am trying to filter out sensitive information using Django @sensitive_post_parameters . I thought that adding these annotations for a few specific functions would be enough, but that would not work. I set a breakpoint inside SafeExceptionReporterFilter , and it breaks only when called from AdminEmailHandler and not other handlers. What am I missing?

+7
python filter django logging error-logging
source share
2 answers

Even if you use SafeExceptionReporterFilter , exceptions will contain important data (for example, ENV server variables and other data at run time).

In order not to expose sensitive data, you should not use this filter. Instead, write your own Exception Handler middleware and selectively (recursively?) Retrieve the necessary data in the logs.

See sys.exc_info for how to get an exception trace and how to use it for your needs.

Even if you pass using CustomHandler, you will be limited to a specific handler, and as far as I know, third-party handlers will not use SafeExceptionReporterFilter .

+1
source share

You can write a custom Handler that uses django.views.debug.ExceptionReporter to format the exception.

Example of using ExceptionReporter :

 from django.views.debug import ExceptionReporter # exc_type, exc_value, traceback are a standard exception # tuple as returned by sys.exc_info reporter = ExceptionReporter(request, exc_type, exc_value, traceback) html_report = reporter.get_traceback_html() text_report = reporter.get_traceback_text()

ExceptionReporter will use the ExceptionReporterFilter defined by the DEFAULT_EXCEPTION_REPORTER_FILTER parameter, which by default is SafeExceptionReporterFilter .

Take a look at the AdminEmailHandler implementation for information on how to create a custom Handler .

+2
source share

More articles:


All Articles