def get_post_parameters(self, request: Optional[HttpRequest]) -> Dict[str, Any]: post_data = SafeExceptionReporterFilter.get_post_parameters( self, request) assert isinstance(post_data, dict) filtered_post = post_data.copy() filtered_vars = [ "content", "secret", "password", "key", "api-key", "subject", "stream", "subscriptions", "to", "csrfmiddlewaretoken", "api_key", "realm_counts", "installation_counts", ] for var in filtered_vars: if var in filtered_post: filtered_post[var] = "**********" return filtered_post
def get_context(self, record): try: request = record.request except Exception: request = None request_repr = get_sanitized_request_repr(request) tb_list = [] code = None if record.exc_info: etype, _value, tb = record.exc_info value = clean_exception(_value) tb_list = ['Traceback (most recent call first):\n'] formatted_exception = traceback.format_exception_only(etype, value) tb_list.extend(formatted_exception) extracted_tb = list(reversed(traceback.extract_tb(tb))) code = self.get_code(extracted_tb) tb_list.extend(traceback.format_list(extracted_tb)) stack_trace = '\n'.join(tb_list) subject = '%s: %s' % (record.levelname, formatted_exception[0].strip() if formatted_exception else record.getMessage()) else: stack_trace = 'No stack trace available' subject = '%s: %s' % (record.levelname, record.getMessage()) context = defaultdict(lambda: '') context.update({ 'subject': self.format_subject(subject), 'message': record.getMessage(), 'details': getattr(record, 'details', None), 'tb_list': tb_list, 'request_repr': request_repr, 'stack_trace': stack_trace, 'code': code, }) if request: sanitized_url = sanitize_url(request.build_absolute_uri()) log_counter( ERROR_COUNT, { 'url': sanitized_url, 'group': get_url_group(sanitized_url), 'domain': getattr(request, 'domain', DATADOG_UNKNOWN), }) context.update({ 'get': request.GET.items(), 'post': SafeExceptionReporterFilter().get_post_parameters(request), 'method': request.method, 'username': request.user.username if getattr(request, 'user', None) else "", 'url': request.build_absolute_uri(), }) return context
def format_request(self, request): safe_filter = SafeExceptionReporterFilter() http_headers = { k: v for k, v in request.META.items() if k.startswith('HTTP_') } clean_post = safe_filter.get_post_parameters(request) return '{method} {path}\nHTTP Headers:\n {headers}\nPOST:\n {params}'.format( method=request.method, path=request.get_full_path(), headers='\n '.join([ '%s: %s' % (re.sub('HTTP_', '', k), v) for k, v in http_headers.items() ]), params='\n '.join( ['%s: %s' % (k, v) for k, v in clean_post.items()]) or 'None')
def get_post_parameters(self, request): filtered_post = SafeExceptionReporterFilter.get_post_parameters(self, request).copy() filtered_vars = ['content', 'secret', 'password', 'key', 'api-key', 'subject', 'stream', 'subscriptions', 'to', 'csrfmiddlewaretoken', 'api_key'] for var in filtered_vars: if var in filtered_post: filtered_post[var] = '**********' return filtered_post
def get_context(self, record): request = None try: request = record.request filter = get_exception_reporter_filter(request) request_repr = filter.get_request_repr(request) except Exception: request_repr = "Request repr() unavailable." tb_list = [] code = None if record.exc_info: etype, _value, tb = record.exc_info value = clean_exception(_value) tb_list = ['Traceback (most recent call first):\n'] formatted_exception = traceback.format_exception_only(etype, value) tb_list.extend(formatted_exception) extracted_tb = list(reversed(traceback.extract_tb(tb))) code = self.get_code(extracted_tb) tb_list.extend(traceback.format_list(extracted_tb)) stack_trace = '\n'.join(tb_list) subject = '%s: %s' % (record.levelname, formatted_exception[0].strip() if formatted_exception else record.getMessage()) else: stack_trace = 'No stack trace available' subject = '%s: %s' % (record.levelname, record.getMessage()) context = defaultdict(lambda: '') context.update({ 'subject': self.format_subject(subject), 'message': record.getMessage(), 'details': getattr(record, 'details', None), 'tb_list': tb_list, 'request_repr': request_repr, 'stack_trace': stack_trace, 'code': code, }) if request: context.update({ 'get': request.GET, 'post': SafeExceptionReporterFilter().get_post_parameters(request), 'method': request.method, 'url': request.build_absolute_uri(), }) return context
def get_data_from_request(self, request): request.POST = SafeExceptionReporterFilter().get_post_parameters( request) result = super(SensitiveDjangoClient, self).get_data_from_request(request) # override the request.data with POST data # POST data contains no sensitive info in it result['request']['data'] = request.POST # remove the whole cookie as it contains DRF auth token and session id if 'cookies' in result['request']: del result['request']['cookies'] if 'Cookie' in result['request']['headers']: del result['request']['headers']['Cookie'] return result
def process_body(self, request): if not request.body: return should_skip_logging = self._should_log_route(request) if should_skip_logging: return logging_context = self._get_logging_context(request, None) content_type = request.META.get('CONTENT_TYPE', '') is_multipart = content_type.startswith('multipart/form-data') to_log = None if is_multipart: self.boundary = '--' + content_type[ 30:] # First 30 characters are "multipart/form-data; boundary=" self._log_multipart(self._chunked_to_max(request.body), logging_context) elif request.POST: to_log = str(SafeExceptionReporterFilter().get_post_parameters( request).dict()) else: to_log = request.body if to_log: self.logger.log(self.log_level, self._chunked_to_max(to_log), logging_context)
# Django from django.contrib.auth.decorators import user_passes_test from django.shortcuts import render from django.views.debug import SafeExceptionReporterFilter # Local from .utils import get_db_info from .utils import get_installed_packages from .utils import get_locale_info from .utils import get_migrations from .utils import get_python_paths from .utils import get_system_locales from .utils import get_versions get_safe_settings = SafeExceptionReporterFilter().get_safe_settings @user_passes_test(lambda u: u.is_superuser) def environment_settings_view(request, template_name="environment-report.html"): """ Generate a report of the django environment. Only Superusers have access to it. """ context = { "settings": get_safe_settings(), "installed_packages": get_installed_packages(), "versions": get_versions(), "python_paths": get_python_paths(),
def get_safe_settings(): return SafeExceptionReporterFilter().get_safe_settings()