Opened 4 years ago
Closed 4 years ago
#31942 closed Cleanup/optimization (fixed)
SafeExceptionReporterFilter does not recurse into dictionaries with non-string keys
| Reported by: | Jeremy Lainé | Owned by: | Jeremy Lainé |
|---|---|---|---|
| Component: | Error reporting | Version: | 3.1 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Ready for checkin | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
SafeExceptionReporterFilter has provisions for recursively cleaning settings by descending into lists / tuples / dictionaries - which is great! However, recursing on dictionaries only works if the keys of the dictionary are strings.
For instance it will fail to sanitize the following example:
SOME_SETTING = {1: {'login': 'cooper', 'password': 'secret'}}
The reason for this is that cleanse_setting starts by trying to apply a the hidden_settings regex to the key before attempting to recurse into the value:
Change History (5)
comment:1 by , 4 years ago
| Has patch: | set |
|---|---|
| Owner: | set to |
| Status: | new → assigned |
comment:2 by , 4 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|---|
| Type: | Uncategorized → Cleanup/optimization |
Version 0, edited 4 years ago by (next)
comment:3 by , 4 years ago
| Patch needs improvement: | set |
|---|
comment:4 by , 4 years ago
| Patch needs improvement: | unset |
|---|---|
| Triage Stage: | Accepted → Ready for checkin |
Note:
See TracTickets
for help on using tickets.
Here is a PR for this issue https://github.com/django/django/pull/13347