Merge lp:~canonical-isd-hackers/canonical-identity-provider/bug_553932_oops_password into lp:canonical-identity-provider/release
Proposed by Danny Tamez
Status: | Superseded |
---|---|
Proposed branch: | lp:~canonical-isd-hackers/canonical-identity-provider/bug_553932_oops_password |
Merge into: | lp:canonical-identity-provider/release |
Diff against target: | 226 lines (+172/-8), 2 files modified: identityprovider/middleware/exception.py (+83/-4), identityprovider/tests/test_middleware.py (+89/-4) |
To merge this branch: | bzr merge lp:~canonical-isd-hackers/canonical-identity-provider/bug_553932_oops_password |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ricardo Kirkner (community) | Needs Fixing | ||
Review via email: mp+24904@code.launchpad.net |
This proposal has been superseded by a proposal from 2010-05-07.
Description of the change
Made changes so that sensitive data (defined as any setting with PASSWORD, SECRET and now PRIVATE, or any request or POST var with password, secret or private in it) is kept out of the oops logs.
Instead of duplicating django's classes and methods for this, we could just monkey-patch it. Also, we are not sanitizing local variables in frames, and sometimes sensitive data is stored locally.
What should have to be monkey-patched:
. HIDDEN_SETTINGS
. ExceptionReporter.get_traceback_frames
That way we still use django's in-place error reporting mechanism, but just extending it to be stricter.
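
The review's point about local variables in frames, as an added example that is not part of this merge proposal or of Django's code: it walks a real traceback with the standard library only and masks every local, and every nested dict key, whose name contains password, secret or private. The names `sanitize`, `sanitized_frames`, `MASK` and the sample `_login` view are assumptions made for illustration.

```python
import re
import sys

# Name pattern from the proposal's description: password, secret, private.
SENSITIVE = re.compile(r"password|secret|private", re.IGNORECASE)
MASK = "********"  # constructed placeholder written in place of a value


def sanitize(name, value):
    """Mask value when its name looks sensitive; recurse into containers."""
    if isinstance(name, str) and SENSITIVE.search(name):
        return MASK
    if isinstance(value, dict):
        return {k: sanitize(k, v) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [sanitize(None, v) for v in value]
    return value


def sanitized_frames(tb):
    """Return one dict per traceback frame with its locals scrubbed."""
    frames = []
    while tb is not None:
        frame = tb.tb_frame
        frames.append({
            "function": frame.f_code.co_name,
            "lineno": tb.tb_lineno,
            "vars": {k: sanitize(k, v) for k, v in frame.f_locals.items()},
        })
        tb = tb.tb_next
    return frames


def _login(post):  # constructed sample view that fails mid-request
    user_password = post["password"]
    session = {"user": post["user"], "api_secret": "s3cr3t"}
    raise ValueError("backend unavailable")


def demo():
    """Trigger the failure and return the report-ready frames."""
    try:
        _login({"user": "alice", "password": "hunter2"})
    except ValueError:
        return sanitized_frames(sys.exc_info()[2])
```

Matching is by name only, so a secret copied into a local with a neutral name (for example `data`) still reaches the report; keep the pattern list and the code's variable naming in step.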