#15603 closed (fixed)
Don't send HTML emails by default
Reported by: | Karen Tracey | Owned by: | Adrian Holovaty |
---|---|---|---|
Component: | Core (Other) | Version: | 1.3-rc |
Severity: | Keywords: | blocker | |
Cc: | Triage Stage: | Accepted | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
In my experience (gmail accounts) the HTML error traceback emails new with 1.3 are much harder to read than the previous plaintext emails. They also expose far more information (potentially sensitive local variable values) than the previous emails. Proposal is to not send HTML by default, but make it easy to configure for HTML inclusion if that is what is really wanted. Attached patch does this. To get HTML included in the email you'd change your logger config to:
LOGGING = { 'version': 1, 'disable_existing_loggers': False, 'handlers': { 'mail_admins': { 'level': 'ERROR', 'class': 'django.utils.log.AdminEmailHandler', 'include_html': True, } }, 'loggers': { 'django.request':{ 'handlers': ['mail_admins'], 'level': 'ERROR', 'propagate': True, }, } }
Only change is the inclusion of the include_html: True
on the mail_admins handler definition.
Attachments (1)
Change History (11)
comment:1 by , 14 years ago
Owner: | changed from | to
---|---|
Triage Stage: | Unreviewed → Accepted |
by , 14 years ago
Attachment: | logger.diff added |
---|
comment:2 by , 14 years ago
I updated the patch to include some doc. It doesn't go into any detail about pitfalls of sending HTML email, though, nor recommend external packages in place of this built-in mechanism...two things I think were mentioned as things that should be noted in the doc, so suggestions for proper wording for that kind of stuff would be helpful (I had a hard time figuring out how to word that properly...)
comment:3 by , 14 years ago
Keywords: | blocker added |
---|
We need to address this before we cut 1.3 final.
comment:4 by , 14 years ago
Owner: | removed |
---|
I'm going to have to leave shortly so removing myself as owner.
follow-up: 6 comment:5 by , 14 years ago
Owner: | set to |
---|
Agreed this is something we need to do. I'll take a look at this patch and commit.
comment:6 by , 14 years ago
Replying to adrian:
Agreed this is something we need to do. I'll take a look at this patch and commit.
Yeah, I believe linking to http://djangopackages.com/grids/g/error-handling/ would be useful in case we try point to more complex error handling tools.
comment:7 by , 14 years ago
I don't think that's quite the right target for a link -- Lumberjack and slow-log don't really replace emails the way Sentry does. We probably should create an "error email replacements" grid. Better name, though, please.
Updated patch to include doc