p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added exception to SuspiciousOperation logging. 

This allows better debugging and filtering of errors.
This commit is contained in:
Adam Johnson 2022-01-12 12:27:25 +00:00 committed by GitHub
parent 76aefe0fc9
commit 84e98ba194
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
django/core/handlers/exception.py
View File

@ -98,6 +98,7 @@ def response_for_exception(request, exc):
security_logger = logging.getLogger('django.security.%s' % exc.__class__.__name__)
security_logger.error(
str(exc),
exc_info=exc,
extra={'status_code': 400, 'request': request},
)
if settings.DEBUG:

8
tests/logging_tests/tests.py
View File

@ -6,7 +6,9 @@ from admin_scripts.tests import AdminScriptTestCase
from django.conf import settings
from django.core import mail
from django.core.exceptions import PermissionDenied
from django.core.exceptions import (
DisallowedHost, PermissionDenied, SuspiciousOperation,
)
from django.core.files.temp import NamedTemporaryFile
from django.core.management import color
from django.http.multipartparser import MultiPartParserError
@ -498,6 +500,7 @@ class SecurityLoggerTest(LoggingAssertionMixin, SimpleTestCase):
msg='dubious',
status_code=400,
logger='django.security.SuspiciousOperation',
exc_class=SuspiciousOperation,
)
def test_suspicious_operation_uses_sublogger(self):
@ -507,6 +510,7 @@ class SecurityLoggerTest(LoggingAssertionMixin, SimpleTestCase):
msg='dubious',
status_code=400,
logger='django.security.DisallowedHost',
exc_class=DisallowedHost,
)
@override_settings(
@ -516,7 +520,7 @@ class SecurityLoggerTest(LoggingAssertionMixin, SimpleTestCase):
def test_suspicious_email_admins(self):
self.client.get('/suspicious/')
self.assertEqual(len(mail.outbox), 1)
self.assertIn('Report at /suspicious/', mail.outbox[0].body)
self.assertIn('SuspiciousOperation at /suspicious/', mail.outbox[0].body)
class SettingsCustomLoggingTest(AdminScriptTestCase):