0
0
mirror of https://github.com/django/django.git synced 2024-11-29 22:56:46 +01:00
django/docs/howto/error-reporting.txt
Aymeric Augustin 3f1c7b7053 Simplified default project template.
Squashed commit of:

commit 508ec9144b35c50794708225b496bde1eb5e60aa
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 22:50:55 2013 +0100

    Tweaked default settings file.

    * Explained why BASE_DIR exists.
    * Added a link to the database configuration options, and put it in its
      own section.
    * Moved sensitive settings that must be changed for production at the
      top.

commit 6515fd2f1aa73a86dc8dbd2ccf512ddb6b140d57
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 14:35:21 2013 +0100

    Documented the simplified app & project templates in the changelog.

commit 2c5b576c2ea91d84273a019b3d0b3b8b4da72f23
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 13:59:27 2013 +0100

    Minor fixes in tutorials 5 and 6.

commit 55a51531be8104f21b3cca3f6bf70b0a7139a041
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 13:51:11 2013 +0100

    Updated tutorial 2 for the new project template.

commit 29ddae87bdaecff12dd31b16b000c01efbde9e20
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 11:58:54 2013 +0100

    Updated tutorial 1 for the new project template.

commit 0ecb9f6e2514cfd26a678a280d471433375101a3
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 11:29:13 2013 +0100

    Adjusted the default URLconf detection to account for the admin.

    It's now enabled by default.

commit 5fb4da0d3d09dac28dd94e3fde92b9d4335c0565
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 10:36:55 2013 +0100

    Added security warnings for the most sensitive settings.

commit 718d84bd8ac4a42fb4b28ec93965de32680f091e
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 23:24:06 2013 +0100

    Used an absolute path for the SQLite database.

    This ensures the settings file works regardless of which directory
    django-admin.py / manage.py is invoked from.

    BASE_DIR got a +1 from a BDFL and another core dev. It doesn't involve
    the concept of a "Django project"; it's just a convenient way to express
    relative paths within the source code repository for non-Python files.

    Thanks Jacob Kaplan-Moss for the suggestion.

commit 1b559b4bcda622e10909b68fe5cab90db6727dd9
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 23:22:40 2013 +0100

    Removed STATIC_ROOT from the default settings template.

    It isn't necessary in development, and it confuses beginners to no end.

    Thanks Carl Meyer for the suggestion.

commit a55f141a500bb7c9a1bc259bbe1954c13b199671
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 23:21:43 2013 +0100

    Removed MEDIA_ROOT/URL from default settings template.

    Many sites will never deal with user-uploaded files, and MEDIA_ROOT is
    complicated to explain.

    Thanks Carl Meyer for the suggestion.

commit 44bf2f2441420fd9429ee9fe1f7207f92dd87e70
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 22:22:09 2013 +0100

    Removed logging config.

    This configuration is applied regardless of the value of LOGGING;
    duplicating it in LOGGING is confusing.

commit eac747e848eaed65fd5f6f254f0a7559d856f88f
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 22:05:31 2013 +0100

    Enabled the locale middleware by default.

    USE_I18N is True by default, and doesn't work well without
    LocaleMiddleware.

commit d806c62b2d00826dc2688c84b092627b8d571cab
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 22:03:16 2013 +0100

    Enabled clickjacking protection by default.

commit 99152c30e6a15003f0b6737dc78e87adf462aacb
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 22:01:48 2013 +0100

    Reorganized settings in logical sections, and trimmed comments.

commit d37ffdfcb24b7e0ec7cc113d07190f65fb12fb8a
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:54:11 2013 +0100

    Avoided misleading TEMPLATE_DEBUG = DEBUG.

    According to the docs TEMPLATE_DEBUG works only when DEBUG = True.

commit 15d9478d3a9850e85841e7cf09cf83050371c6bf
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:46:25 2013 +0100

    Removed STATICFILES_FINDERS/TEMPLATE_LOADERS from default settings file.

    Only developers with special needs ever need to change these settings.

commit 574da0eb5bfb4570883756914b4dbd7e20e1f61e
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:45:01 2013 +0100

    Removed STATICFILES/TEMPLATES_DIRS from default settings file.

    The current best practice is to put static files and templates in
    applications, for easier testing and deployment.

commit 8cb18dbe56629aa1be74718a07e7cc66b4f9c9f0
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:24:16 2013 +0100

    Removed settings related to email reporting from default settings file.

    While handy for small scale projects, it isn't exactly a best practice.

commit 8ecbfcb3638058f0c49922540f874a7d802d864f
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 18:54:43 2013 +0100

    Documented how to enable the sites framework.

commit 23fc91a6fa67d91ddd9d71b1c3e0dc26bdad9841
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:28:59 2013 +0100

    Disabled the sites framework by default.

    RequestSite does the job for single-domain websites.

commit c4d82eb8afc0eb8568bf9c4d12644272415e3960
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Jan 29 00:08:33 2013 +0100

    Added a default admin.py to the application template.

    Thanks Ryan D Hiebert for the suggestion.

commit 4071dc771e5c44b1c5ebb9beecefb164ae465e22
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 10:59:49 2013 +0100

    Enabled the admin by default.

    Everyone uses the admin.

commit c807a31f8d89e7e7fd97380e3023f7983a8b6fcb
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 10:57:05 2013 +0100

    Removed admindocs from default project template.

commit 09e4ce0e652a97da1a9e285046a91c8ad7a9189c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:32:52 2013 +0100

    Added links to the settings documentation.

commit 5b8f5eaef364eb790fcde6f9e86f7d266074cca8
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 11:06:54 2013 +0100

    Used a significant example for URLconf includes.

commit 908e91d6fcee2a3cb51ca26ecdf12a6a24e69ef8
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 16:22:31 2013 +0100

    Moved code comments about WSGI to docs, and rewrote said docs.

commit 50417e51996146f891d08ca8b74dcc736a581932
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Jan 28 15:51:50 2013 +0100

    Normalized the default application template.

    Removed the default test that 1 + 1 = 2, because it's been committed
    way too many times, in too many projects.

    Added an import of `render` for views, because the first view will
    often be:

    def home(request):
        return render(request, "mysite/home.html")
2013-02-04 13:21:36 +01:00

273 lines
11 KiB
Plaintext

Error reporting
===============
When you're running a public site you should always turn off the
:setting:`DEBUG` setting. That will make your server run much faster, and will
also prevent malicious users from seeing details of your application that can be
revealed by the error pages.
However, running with :setting:`DEBUG` set to ``False`` means you'll never see
errors generated by your site -- everyone will just see your public error pages.
You need to keep track of errors that occur in deployed sites, so Django can be
configured to create reports with details about those errors.
Email reports
-------------
Server errors
~~~~~~~~~~~~~
When :setting:`DEBUG` is ``False``, Django will email the users listed in the
:setting:`ADMINS` setting whenever your code raises an unhandled exception and
results in an internal server error (HTTP status code 500). This gives the
administrators immediate notification of any errors. The :setting:`ADMINS` will
get a description of the error, a complete Python traceback, and details about
the HTTP request that caused the error.
.. note::
In order to send email, Django requires a few settings telling it
how to connect to your mail server. At the very least, you'll need
to specify :setting:`EMAIL_HOST` and possibly
:setting:`EMAIL_HOST_USER` and :setting:`EMAIL_HOST_PASSWORD`,
though other settings may be also required depending on your mail
server's configuration. Consult :doc:`the Django settings
documentation </ref/settings>` for a full list of email-related
settings.
By default, Django will send email from root@localhost. However, some mail
providers reject all email from this address. To use a different sender
address, modify the :setting:`SERVER_EMAIL` setting.
To activate this behavior, put the email addresses of the recipients in the
:setting:`ADMINS` setting.
.. seealso::
Server error emails are sent using the logging framework, so you can
customize this behavior by :doc:`customizing your logging configuration
</topics/logging>`.
404 errors
~~~~~~~~~~
Django can also be configured to email errors about broken links (404 "page
not found" errors). Django sends emails about 404 errors when:
* :setting:`DEBUG` is ``False``;
* Your :setting:`MIDDLEWARE_CLASSES` setting includes
:class:`django.middleware.common.BrokenLinkEmailsMiddleware`.
If those conditions are met, Django will email the users listed in the
:setting:`MANAGERS` setting whenever your code raises a 404 and the request has
a referer. (It doesn't bother to email for 404s that don't have a referer --
those are usually just people typing in broken URLs or broken Web 'bots).
.. note::
:class:`~django.middleware.common.BrokenLinkEmailsMiddleware` must appear
before other middleware that intercepts 404 errors, such as
:class:`~django.middleware.locale.LocaleMiddleware` or
:class:`~django.contrib.flatpages.middleware.FlatpageFallbackMiddleware`.
Put it towards the top of your :setting:`MIDDLEWARE_CLASSES` setting.
You can tell Django to stop reporting particular 404s by tweaking the
:setting:`IGNORABLE_404_URLS` setting. It should be a tuple of compiled
regular expression objects. For example::
import re
IGNORABLE_404_URLS = (
re.compile(r'\.(php|cgi)$'),
re.compile(r'^/phpmyadmin/'),
)
In this example, a 404 to any URL ending with ``.php`` or ``.cgi`` will *not* be
reported. Neither will any URL starting with ``/phpmyadmin/``.
The following example shows how to exclude some conventional URLs that browsers and
crawlers often request::
import re
IGNORABLE_404_URLS = (
re.compile(r'^/apple-touch-icon.*\.png$'),
re.compile(r'^/favicon\.ico$'),
re.compile(r'^/robots\.txt$'),
)
(Note that these are regular expressions, so we put a backslash in front of
periods to escape them.)
.. seealso::
404 errors are logged using the logging framework. By default, these log
records are ignored, but you can use them for error reporting by writing a
handler and :doc:`configuring logging </topics/logging>` appropriately.
.. _filtering-error-reports:
Filtering error reports
-----------------------
Filtering sensitive information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Error reports are really helpful for debugging errors, so it is generally
useful to record as much relevant information about those errors as possible.
For example, by default Django records the `full traceback`_ for the
exception raised, each `traceback frame`_'s local variables, and the
:class:`~django.http.HttpRequest`'s :ref:`attributes<httprequest-attributes>`.
However, sometimes certain types of information may be too sensitive and thus
may not be appropriate to be kept track of, for example a user's password or
credit card number. So Django offers a set of function decorators to help you
control which information should be filtered out of error reports in a
production environment (that is, where :setting:`DEBUG` is set to ``False``):
:func:`sensitive_variables` and :func:`sensitive_post_parameters`.
.. _`full traceback`: http://en.wikipedia.org/wiki/Stack_trace
.. _`traceback frame`: http://en.wikipedia.org/wiki/Stack_frame
.. function:: sensitive_variables(*variables)
If a function (either a view or any regular callback) in your code uses
local variables susceptible to contain sensitive information, you may
prevent the values of those variables from being included in error reports
using the ``sensitive_variables`` decorator::
from django.views.decorators.debug import sensitive_variables
@sensitive_variables('user', 'pw', 'cc')
def process_info(user):
pw = user.pass_word
cc = user.credit_card_number
name = user.name
...
In the above example, the values for the ``user``, ``pw`` and ``cc``
variables will be hidden and replaced with stars (`**********`) in the
error reports, whereas the value of the ``name`` variable will be
disclosed.
To systematically hide all local variables of a function from error logs,
do not provide any argument to the ``sensitive_variables`` decorator::
@sensitive_variables()
def my_function():
...
.. admonition:: When using mutiple decorators
If the variable you want to hide is also a function argument (e.g.
'``user``' in the following example), and if the decorated function has
mutiple decorators, then make sure to place ``@sensitive_variables`` at
the top of the decorator chain. This way it will also hide the function
argument as it gets passed through the other decorators::
@sensitive_variables('user', 'pw', 'cc')
@some_decorator
@another_decorator
def process_info(user):
...
.. function:: sensitive_post_parameters(*parameters)
If one of your views receives an :class:`~django.http.HttpRequest` object
with :attr:`POST parameters<django.http.HttpRequest.POST>` susceptible to
contain sensitive information, you may prevent the values of those
parameters from being included in the error reports using the
``sensitive_post_parameters`` decorator::
from django.views.decorators.debug import sensitive_post_parameters
@sensitive_post_parameters('pass_word', 'credit_card_number')
def record_user_profile(request):
UserProfile.create(user=request.user,
password=request.POST['pass_word'],
credit_card=request.POST['credit_card_number'],
name=request.POST['name'])
...
In the above example, the values for the ``pass_word`` and
``credit_card_number`` POST parameters will be hidden and replaced with
stars (`**********`) in the request's representation inside the error
reports, whereas the value of the ``name`` parameter will be disclosed.
To systematically hide all POST parameters of a request in error reports,
do not provide any argument to the ``sensitive_post_parameters`` decorator::
@sensitive_post_parameters()
def my_view(request):
...
All POST parameters are systematically filtered out of error reports for
certain :mod:`django.contrib.auth.views` views (``login``,
``password_reset_confirm``, ``password_change``, and ``add_view`` and
``user_change_password`` in the ``auth`` admin) to prevent the leaking of
sensitive information such as user passwords.
.. _custom-error-reports:
Custom error reports
~~~~~~~~~~~~~~~~~~~~
All :func:`sensitive_variables` and :func:`sensitive_post_parameters` do is,
respectively, annotate the decorated function with the names of sensitive
variables and annotate the ``HttpRequest`` object with the names of sensitive
POST parameters, so that this sensitive information can later be filtered out
of reports when an error occurs. The actual filtering is done by Django's
default error reporter filter:
:class:`django.views.debug.SafeExceptionReporterFilter`. This filter uses the
decorators' annotations to replace the corresponding values with stars
(`**********`) when the error reports are produced. If you wish to override or
customize this default behavior for your entire site, you need to define your
own filter class and tell Django to use it via the
:setting:`DEFAULT_EXCEPTION_REPORTER_FILTER` setting::
DEFAULT_EXCEPTION_REPORTER_FILTER = 'path.to.your.CustomExceptionReporterFilter'
You may also control in a more granular way which filter to use within any
given view by setting the ``HttpRequest``'s ``exception_reporter_filter``
attribute::
def my_view(request):
if request.user.is_authenticated():
request.exception_reporter_filter = CustomExceptionReporterFilter()
...
Your custom filter class needs to inherit from
:class:`django.views.debug.SafeExceptionReporterFilter` and may override the
following methods:
.. class:: django.views.debug.SafeExceptionReporterFilter
.. method:: SafeExceptionReporterFilter.is_active(self, request)
Returns ``True`` to activate the filtering operated in the other methods.
By default the filter is active if :setting:`DEBUG` is ``False``.
.. method:: SafeExceptionReporterFilter.get_request_repr(self, request)
Returns the representation string of the request object, that is, the
value that would be returned by ``repr(request)``, except it uses the
filtered dictionary of POST parameters as determined by
:meth:`SafeExceptionReporterFilter.get_post_parameters`.
.. method:: SafeExceptionReporterFilter.get_post_parameters(self, request)
Returns the filtered dictionary of POST parameters. By default it replaces
the values of sensitive parameters with stars (`**********`).
.. method:: SafeExceptionReporterFilter.get_traceback_frame_variables(self, request, tb_frame)
Returns the filtered dictionary of local variables for the given traceback
frame. By default it replaces the values of sensitive variables with stars
(`**********`).
.. seealso::
You can also set up custom error reporting by writing a custom piece of
:ref:`exception middleware <exception-middleware>`. If you do write custom
error handling, it's a good idea to emulate Django's built-in error handling
and only report/log errors if :setting:`DEBUG` is ``False``.