Skip to content

Hide Authorization parameter from debug output

One-sentence description

We need to hide this HTTP var in debug output

Desired behaviour

Not show it in debug output.

Suggested solution:

Implement a SafeExceptionReporterFilter subclass and include 'Authorization' in the sensitive list.

https://docs.djangoproject.com/en/1.11/howto/error-reporting/#filtering-error-reports https://docs.djangoproject.com/en/1.11/_modules/django/views/debug/#SafeExceptionReporterFilter.get_traceback_frame_variables

First check if we can get SafeExceptionReporterFilter to play ball.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information