Opened 10 years ago
Closed 5 years ago
#23951 closed New feature (duplicate)
SafeExceptionReporterFilter does not have a way to filter and redact exception messages
Reported by: | Lukhnos Liu | Owned by: | nobody |
---|---|---|---|
Component: | Error reporting | Version: | dev |
Severity: | Normal | Keywords: | logging |
Cc: | Triage Stage: | Accepted | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
SafeExceptionReporterFilter provides methods that filter things like POST parameters and traceback variables. However, there does not seem to be a way to filter and redact the exception message itself. Here is an example:
IntegrityError: null value in column "some_column" violates not-null constraint DETAIL: Failing row contains (1, 2014-11-10 15:32:29.791438-08, Foo, Bar, null, foobar@example.org, t, null, , , 10000.00, 1, 1000.00).
This error is raised by the PostgreSQL backend, which in turn uses psycopg2's IntegrityError, which in turn reports PostgreSQL's own error verbatim. Because it dumps the entire row, this means potentially sensitive information is leaked into logs.
Note that I use a SafeExceptionReporterFilter subclass as my DEFAULT_EXCEPTION_REPORTER_FILTER, so I'm already doing some extra filtering in its get_post_parameters and get_traceback_frame_variables methods.
From the source code, it appears that the exception message is included here: https://github.com/django/django/blob/4a4ad27712b44cebada1bdaebd082cf82df74610/django/views/debug.py#L504. This lives in ExceptionReporter, not the filter. One can run their own Django fork and do something in that method, or patch it during runtime from their project. It may still be better to redact on the filter level, though.
To sum up, I believe there needs to be a way to filter exception messages, so that apps get a chance to pattern-match and redact strings that potentially contain sensitive information.
Change History (4)
comment:1 by , 10 years ago
Component: | Uncategorized → Core (Other) |
---|---|
Triage Stage: | Unreviewed → Accepted |
Type: | Bug → New feature |
Version: | 1.7 → master |
comment:2 by , 9 years ago
Component: | Core (Other) → Error reporting |
---|
comment:3 by , 5 years ago
comment:4 by , 5 years ago
Resolution: | → duplicate |
---|---|
Status: | new → closed |
#30752 (Django 3.1) allows providing a custom ExceptionReporter sublcass. That will be the place to add the logic you need.
Arguably this would be resolved by a fix to #29714 (for which there's an open PR): users could implement a custom exception reporter to filter as they needed, rather than us adding logic for each possible exclusion use-case.