#36542: AdminSite views (such as login) leak sensitive POST data
--------------------------------+------------------------------------
Reporter: Olivier Dalang | Owner: nobody
Type: Bug | Status: new
Component: contrib.admin | Version: 5.2
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
--------------------------------+------------------------------------
Changes (by Sarah Boyce):
* component: Error reporting => contrib.admin
* owner: (none) => nobody
* stage: Unreviewed => Accepted
* summary:
Improve default error reports filtering (both HTML email reports when
DEBUG=False and regular reports when DEBUG=True)
=> AdminSite views (such as login) leak sensitive POST data
* type: Uncategorized => Bug
Comment:
Thank you for raising this.
I have updated the ticket description to reflect the current bug.
> In terms of fixing this, why don't we just apply the same filter used
for settings (`API|AUTH|TOKEN|KEY|SECRET|PASS|SIGNATURE|HTTP_COOKIE`) to
POST parameters as well as variables in the full trace? I feel this would
cover most cases and be quite straightforward to implement and to
understand for users. For that matter, better to redact too many variables
than too few.
This requires more discussion as it's a change in behavior and some folks
are likely to want to see some POST data for debugging.
--
Ticket URL: <https://code.djangoproject.com/ticket/36542#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
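The following is an added illustration of the proposal quoted in the comment above; it is not code from the ticket, from Django, or from either commenter. It applies the settings pattern the ticket names (`API|AUTH|TOKEN|KEY|SECRET|PASS|SIGNATURE|HTTP_COOKIE`) to the keys of a POST mapping and to a frame's local variables, so one can see what an error report would and would not reveal for an admin login submission. The function name `cleanse_mapping`, the substitute string, and the sample POST body and locals are constructed for this example and are not Django's own API or data.

```python
import re

# Pattern quoted in the ticket as the one Django already applies to settings
# names; here it is applied to POST keys and local-variable names instead.
# That is the proposal under discussion, not Django's current behaviour.
HIDDEN_NAMES = re.compile(
    r"API|AUTH|TOKEN|KEY|SECRET|PASS|SIGNATURE|HTTP_COOKIE", flags=re.IGNORECASE
)

# Constructed substitute; Django's reports use a run of asterisks for redacted values.
CLEANSED_SUBSTITUTE = "********************"


def cleanse_mapping(mapping):
    """Return a copy of ``mapping`` with values of sensitive-looking keys redacted.

    Hypothetical helper for this example: the same key test is used whether the
    mapping is a POST body or the locals of a traceback frame, mirroring the
    quoted suggestion to treat both the same way.
    """
    cleansed = {}
    for key, value in mapping.items():
        if HIDDEN_NAMES.search(str(key)):
            cleansed[key] = CLEANSED_SUBSTITUTE
        else:
            cleansed[key] = value
    return cleansed


def redacted_keys(mapping):
    """Names in ``mapping`` that the pattern would hide (useful for review)."""
    return sorted(k for k in mapping if HIDDEN_NAMES.search(str(k)))


# Constructed sample: the fields an admin login form submission would carry.
ADMIN_LOGIN_POST = {
    "csrfmiddlewaretoken": "constructed-csrf-token-value",
    "username": "alice",
    "password": "constructed-plaintext-password",
    "next": "/admin/",
}

# Constructed sample: locals from a hypothetical frame in the failing login view.
FRAME_LOCALS = {
    "request": "<WSGIRequest: POST '/admin/login/'>",
    "password": "constructed-plaintext-password",
    "auth_form_valid": False,   # redacted too: the name contains AUTH
    "attempt_count": 1,
}


if __name__ == "__main__":
    print("POST  :", cleanse_mapping(ADMIN_LOGIN_POST))
    print("locals:", cleanse_mapping(FRAME_LOCALS))
    print("hidden in POST  :", redacted_keys(ADMIN_LOGIN_POST))
    print("hidden in locals:", redacted_keys(FRAME_LOCALS))
```

Running it shows the trade-off raised in the comment: `password` and `csrfmiddlewaretoken` disappear from both the POST body and the frame locals, `username` and `next` stay visible for debugging, and a name such as `auth_form_valid` is hidden only because it happens to contain `AUTH`, which is the "redact too many rather than too few" side of the proposal.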