Opened 7 years ago

Last modified 17 months ago

#11919 new New feature

dpaste.com feature in debug traceback view should be optional

Reported by: mike w Owned by: nobody
Component: Error reporting Version: master
Severity: Normal Keywords:
Cc: Zach Borboa Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

In the default debug stacktrace view, the "copy-and-paste view" includes a helpful form to submit the traceback to dpaste.com. When the (very large) form submit button is clicked, the full stack trace and environment is immediately posted to dpaste.com.

This feature poses security risk: a careless click can immediately publish a stack trace to third-party site, with no protection of the data in transit, and no access controls at the remote side. For individuals or organizations working on confidential projects, there is typically no interest in sharing any information externally.

It does require two clicks to cause such an accident (one to toggle copy-and-paste view, another to submit the form), making it unlikely to happen -- but we have had it happen, and at my organization we'd sleep far better with this feature disabled on all projects.

Suggestion 1: Make use of this pastebin an optional feature (patch attached).

Suggestion 2: Make this feature default disabled (flip bit in attached patch; default preserves existing behavior).

Suggestion 3: Make the pastebin form customizable, so that a provider other than dpaste may be used (for example, an internal pastebin.) I don't have much interest in this, so I've not attempted the larger change.

thanks.

Attachments (1)

django-dpaste-optional.diff (1.9 KB) - added by mike w 7 years ago.
patch to add ENABLE_DPASTE setting

Download all attachments as: .zip

Change History (9)

Changed 7 years ago by mike w

Attachment: django-dpaste-optional.diff added

patch to add ENABLE_DPASTE setting

comment:1 Changed 7 years ago by Russell Keith-Magee

Patch needs improvement: set
Triage Stage: UnreviewedAccepted

I think your option 3 is a better approach. Accepting on that basis.

comment:2 Changed 6 years ago by Julien Phalip

Severity: Normal
Type: New feature

comment:3 Changed 5 years ago by Aymeric Augustin

UI/UX: unset

Change UI/UX from NULL to False.

comment:4 Changed 5 years ago by Aymeric Augustin

Easy pickings: unset

Change Easy pickings from NULL to False.

comment:5 Changed 2 years ago by Zach Borboa

Cc: Zach Borboa added

comment:6 Changed 2 years ago by Berker Peksag

Patch needs improvement: unset
Version: 1.1master

comment:7 Changed 2 years ago by Tim Graham

Patch needs improvement: set

Comments for improvement are on the PR.

comment:8 Changed 17 months ago by Tim Graham

Component: Core (Other)Error reporting
Note: See TracTickets for help on using tickets.
Back to Top