In the discussion topic "Error Ticket Includes Sensitive Information" on the web2py-users group, I was advised to open an issue in this group.
I'd like to see if a new feature can be added to set a list of flagged items which will be redacted from tickets created when an error is encountered.
Specific Use Case: If an error occurs during authentication, the user name and password can be exposed in the ticket.
It looks like restricted executes code defined within model, view, controller, module, etc., and if an error occurs, it raises a RestrictedError which captures a snapshot of the error. Snapshot captures arguments, variables, and context items (locals, request, session, and response).
For each of these captures, a filter could be added to capture sensitive keys to filter. I would propose that the filter be stored on an instance or application level. Any snapshot result which contained those filtered keys would have its value replaced with some special redacted language.
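A sketch of the proposed key-based redaction, added here as an illustration; it is not part of the original post and not web2py code. The names `redact`, `FLAGGED`, `REDACTED` and the layout of `SAMPLE_SNAPSHOT` are assumptions made for the example.

```python
from collections.abc import Mapping

REDACTED = "***REDACTED***"  # hypothetical replacement text

# Hypothetical application-level list of flagged keys.
FLAGGED = ["password", "username"]

# Constructed sample; the nesting is an assumed snapshot layout.
SAMPLE_SNAPSHOT = {
    "frames": [{"func": "login",
                "dump": {"form.vars.password": "'hunter2'", "attempts": "3"}}],
    "locals": {"Password": "'hunter2'", "attempts": "3"},
    "request": {"vars": {"username": "alice", "password": "hunter2"},
                "env": {"path_info": "/app/default/login"}},
    "session": {"auth": None},
}


def _is_sensitive(key, flagged):
    # Compare the last dotted component, case-insensitively, so that
    # "form.vars.password" and "Password" both match "password".
    return str(key).rsplit(".", 1)[-1].lower() in flagged


def redact(obj, flagged_keys):
    """Return a copy of obj with the values of flagged keys replaced."""
    flagged = {k.lower() for k in flagged_keys}

    def walk(node):
        if isinstance(node, Mapping):
            return {k: REDACTED if _is_sensitive(k, flagged) else walk(v)
                    for k, v in node.items()}
        if isinstance(node, list):
            return [walk(v) for v in node]
        if isinstance(node, tuple):
            return tuple(walk(v) for v in node)
        return node  # scalars are kept as they are

    return walk(obj)


if __name__ == "__main__":
    import pprint
    pprint.pprint(redact(SAMPLE_SNAPSHOT, FLAGGED))
```

Key matching does not catch a secret that appears inside a string value, such as the repr of a whole object or the source line shown for a frame, so those fields need their own handling.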