Hi,
AFAIU, SafeExceptionReporterFilter takes care of removing any sensitive
data from logs. However, I today realized that this does not cover
session cookies.
In a ticket about this issue[1] it was treated not as a security issue
but more as a request for customization. That puzzled me a bit. Why are
session cookies not treated as sensitive, just like passwords are?
thanks,
tobias
[1]:
https://code.djangoproject.com/ticket/29714