Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • concrexit concrexit
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 70
    • Issues 70
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 10
    • Merge requests 10
  • Deployments
    • Deployments
    • Releases
  • Packages and registries
    • Packages and registries
    • Model experiments
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • thaliathalia
  • concrexitconcrexit
  • Issues
  • #534

Hide Authorization parameter from debug output

One-sentence description

We need to hide this HTTP var in debug output

Desired behaviour

Not show it in debug output.

Suggested solution:

Implement a SafeExceptionReporterFilter subclass and include 'Authorization' in the sensitive list.

https://docs.djangoproject.com/en/1.11/howto/error-reporting/#filtering-error-reports https://docs.djangoproject.com/en/1.11/_modules/django/views/debug/#SafeExceptionReporterFilter.get_traceback_frame_variables

First check if we can get SafeExceptionReporterFilter to play ball.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking