Opened 3 years ago

Last modified 2 years ago

#23951 new New feature

SafeExceptionReporterFilter does not have a way to filter and redact exception messages

Reported by: Lukhnos Liu
Owned by: nobody
Component: Error reporting
Version: master
Severity: Normal
Keywords: logging
Cc:
Triage Stage: Accepted
Has patch: no
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings: no
UI/UX: no

Description

SafeExceptionReporterFilter provides methods that filter things like POST parameters and traceback variables. However, there does not seem to be a way to filter and redact the exception message itself. Here is an example:

IntegrityError: null value in column "some_column" violates not-null constraint
DETAIL:  Failing row contains (1, 2014-11-10 15:32:29.791438-08, Foo, Bar, null, foobar@example.org, t, null, , , 10000.00, 1, 1000.00).

This error is raised by the PostgreSQL backend, which in turn uses psycopg2's IntegrityError, which in turn reports PostgreSQL's own error verbatim. Because it dumps the entire row, this means potentially sensitive information is leaked into logs.

Note that I use a SafeExceptionReporterFilter subclass as my DEFAULT_EXCEPTION_REPORTER_FILTER, so I'm already doing some extra filtering in its get_post_parameters and get_traceback_frame_variables methods.

From the source code, it appears that the exception message is included here: https://github.com/django/django/blob/4a4ad27712b44cebada1bdaebd082cf82df74610/django/views/debug.py#L504. This lives in ExceptionReporter, not the filter. One can run their own Django fork and do something in that method, or patch it during runtime from their project. It may still be better to redact on the filter level, though.

To sum up, I believe there needs to be a way to filter exception messages, so that apps get a chance to pattern-match and redact strings that potentially contain sensitive information.
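
One way an application could pattern-match and redact such a message before it reaches a log, as an added example (not code from the ticket or from Django): a standard-library `logging.Formatter` that rewrites the fully formatted record, traceback included. The regexes, `redact_message`, `RedactingFormatter` and the stand-in `IntegrityError` class are assumptions for illustration; this only covers handlers the formatter is attached to, not reports built by ExceptionReporter.

```python
import io
import logging
import re

# Assumed pattern, derived from the sample message in the ticket: PostgreSQL
# puts the offending row on one line as "DETAIL:  Failing row contains (...)."
FAILING_ROW = re.compile(r"(Failing row contains )\([^\n]*")
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def redact_message(text):
    """Strip row contents and e-mail addresses from an exception message."""
    text = FAILING_ROW.sub(r"\1([REDACTED])", text)
    return EMAIL.sub("[REDACTED EMAIL]", text)


class RedactingFormatter(logging.Formatter):
    """Redact the formatted record, including the traceback text."""
    def format(self, record):
        return redact_message(super().format(record))


class IntegrityError(Exception):
    """Stand-in for psycopg2's IntegrityError so the example runs offline."""


# Constructed sample, copied from the message quoted in the ticket.
SAMPLE = (
    'null value in column "some_column" violates not-null constraint\n'
    "DETAIL:  Failing row contains (1, 2014-11-10 15:32:29.791438-08, Foo, "
    "Bar, null, foobar@example.org, t, null, , , 10000.00, 1, 1000.00)."
)


def demo():
    """Log SAMPLE through the formatter and return what reached the stream."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(RedactingFormatter("%(levelname)s %(message)s"))
    logger = logging.getLogger("redaction_demo")
    logger.addHandler(handler)
    logger.propagate = False
    try:
        raise IntegrityError(SAMPLE)
    except IntegrityError:
        logger.exception("Request failed")
    finally:
        logger.removeHandler(handler)
    return stream.getvalue()
```

The row pattern stops at the end of the line, so a column value containing a newline would leave its remainder unredacted; the e-mail pattern is only a partial backstop for that case.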

Change History (2)

comment:1 Changed 3 years ago by Tim Graham

Component: Uncategorized → Core (Other)
Triage Stage: Unreviewed → Accepted
Type: Bug → New feature
Version: 1.7 → master

comment:2 Changed 2 years ago by Tim Graham

Component: Core (Other) → Error reporting