def get_post_parameters(self,
request: Optional[HttpRequest]) -> Dict[str, Any]:
post_data = SafeExceptionReporterFilter.get_post_parameters(
self, request)
assert isinstance(post_data, dict)
filtered_post = post_data.copy()
filtered_vars = [
"content",
"secret",
"password",
"key",
"api-key",
"subject",
"stream",
"subscriptions",
"to",
"csrfmiddlewaretoken",
"api_key",
"realm_counts",
"installation_counts",
]
for var in filtered_vars:
if var in filtered_post:
filtered_post[var] = "**********"
return filtered_post
def get_context(self, record):
try:
request = record.request
except Exception:
request = None
request_repr = get_sanitized_request_repr(request)
tb_list = []
code = None
if record.exc_info:
etype, _value, tb = record.exc_info
value = clean_exception(_value)
tb_list = ['Traceback (most recent call first):\n']
formatted_exception = traceback.format_exception_only(etype, value)
tb_list.extend(formatted_exception)
extracted_tb = list(reversed(traceback.extract_tb(tb)))
code = self.get_code(extracted_tb)
tb_list.extend(traceback.format_list(extracted_tb))
stack_trace = '\n'.join(tb_list)
subject = '%s: %s' % (record.levelname,
formatted_exception[0].strip() if
formatted_exception else record.getMessage())
else:
stack_trace = 'No stack trace available'
subject = '%s: %s' % (record.levelname, record.getMessage())
context = defaultdict(lambda: '')
context.update({
'subject': self.format_subject(subject),
'message': record.getMessage(),
'details': getattr(record, 'details', None),
'tb_list': tb_list,
'request_repr': request_repr,
'stack_trace': stack_trace,
'code': code,
})
if request:
sanitized_url = sanitize_url(request.build_absolute_uri())
log_counter(
ERROR_COUNT, {
'url': sanitized_url,
'group': get_url_group(sanitized_url),
'domain': getattr(request, 'domain', DATADOG_UNKNOWN),
})
context.update({
'get':
request.GET.items(),
'post':
SafeExceptionReporterFilter().get_post_parameters(request),
'method':
request.method,
'username':
request.user.username
if getattr(request, 'user', None) else "",
'url':
request.build_absolute_uri(),
})
return context
def format_request(self, request):
safe_filter = SafeExceptionReporterFilter()
http_headers = {
k: v
for k, v in request.META.items() if k.startswith('HTTP_')
}
clean_post = safe_filter.get_post_parameters(request)
return '{method} {path}\nHTTP Headers:\n {headers}\nPOST:\n {params}'.format(
method=request.method,
path=request.get_full_path(),
headers='\n '.join([
'%s: %s' % (re.sub('HTTP_', '', k), v)
for k, v in http_headers.items()
]),
params='\n '.join(
['%s: %s' % (k, v) for k, v in clean_post.items()]) or 'None')
def get_post_parameters(self, request):
filtered_post = SafeExceptionReporterFilter.get_post_parameters(self, request).copy()
filtered_vars = ['content', 'secret', 'password', 'key', 'api-key', 'subject', 'stream',
'subscriptions', 'to', 'csrfmiddlewaretoken', 'api_key']
for var in filtered_vars:
if var in filtered_post:
filtered_post[var] = '**********'
return filtered_post
def get_context(self, record):
request = None
try:
request = record.request
filter = get_exception_reporter_filter(request)
request_repr = filter.get_request_repr(request)
except Exception:
request_repr = "Request repr() unavailable."
tb_list = []
code = None
if record.exc_info:
etype, _value, tb = record.exc_info
value = clean_exception(_value)
tb_list = ['Traceback (most recent call first):\n']
formatted_exception = traceback.format_exception_only(etype, value)
tb_list.extend(formatted_exception)
extracted_tb = list(reversed(traceback.extract_tb(tb)))
code = self.get_code(extracted_tb)
tb_list.extend(traceback.format_list(extracted_tb))
stack_trace = '\n'.join(tb_list)
subject = '%s: %s' % (record.levelname,
formatted_exception[0].strip() if
formatted_exception else record.getMessage())
else:
stack_trace = 'No stack trace available'
subject = '%s: %s' % (record.levelname, record.getMessage())
context = defaultdict(lambda: '')
context.update({
'subject': self.format_subject(subject),
'message': record.getMessage(),
'details': getattr(record, 'details', None),
'tb_list': tb_list,
'request_repr': request_repr,
'stack_trace': stack_trace,
'code': code,
})
if request:
context.update({
'get':
request.GET,
'post':
SafeExceptionReporterFilter().get_post_parameters(request),
'method':
request.method,
'url':
request.build_absolute_uri(),
})
return context
def get_data_from_request(self, request):
request.POST = SafeExceptionReporterFilter().get_post_parameters(
request)
result = super(SensitiveDjangoClient,
self).get_data_from_request(request)
# override the request.data with POST data
# POST data contains no sensitive info in it
result['request']['data'] = request.POST
# remove the whole cookie as it contains DRF auth token and session id
if 'cookies' in result['request']:
del result['request']['cookies']
if 'Cookie' in result['request']['headers']:
del result['request']['headers']['Cookie']
return result
def process_body(self, request):
if not request.body:
return
should_skip_logging = self._should_log_route(request)
if should_skip_logging:
return
logging_context = self._get_logging_context(request, None)
content_type = request.META.get('CONTENT_TYPE', '')
is_multipart = content_type.startswith('multipart/form-data')
to_log = None
if is_multipart:
self.boundary = '--' + content_type[
30:] # First 30 characters are "multipart/form-data; boundary="
self._log_multipart(self._chunked_to_max(request.body),
logging_context)
elif request.POST:
to_log = str(SafeExceptionReporterFilter().get_post_parameters(
request).dict())
else:
to_log = request.body
if to_log:
self.logger.log(self.log_level, self._chunked_to_max(to_log),
logging_context)
# Django
from django.contrib.auth.decorators import user_passes_test
from django.shortcuts import render
from django.views.debug import SafeExceptionReporterFilter
# Local
from .utils import get_db_info
from .utils import get_installed_packages
from .utils import get_locale_info
from .utils import get_migrations
from .utils import get_python_paths
from .utils import get_system_locales
from .utils import get_versions
get_safe_settings = SafeExceptionReporterFilter().get_safe_settings
@user_passes_test(lambda u: u.is_superuser)
def environment_settings_view(request,
template_name="environment-report.html"):
"""
Generate a report of the django environment.
Only Superusers have access to it.
"""
context = {
"settings": get_safe_settings(),
"installed_packages": get_installed_packages(),
"versions": get_versions(),
"python_paths": get_python_paths(),
def get_safe_settings():
return SafeExceptionReporterFilter().get_safe_settings()
