diff options
author | Gabriel Hurley <gabriel@strikeawe.com> | 2012-05-24 15:25:35 -0700 |
---|---|---|
committer | Gabriel Hurley <gabriel@strikeawe.com> | 2012-05-24 15:28:01 -0700 |
commit | f986a631a25c8fa547d07d2fae4bd2b4ac1c2b9a (patch) | |
tree | b791867861e1a6af2582d5afe949c89e86c0aab0 /horizon/exceptions.py | |
parent | 629453f41ed6ddd384b6496d3d1f51e3a453e806 (diff) | |
download | horizon-f986a631a25c8fa547d07d2fae4bd2b4ac1c2b9a.tar.gz |
Make sure Horizon is treating passwords securely.
* Applies the sensitive_post_parameters and sensitive_variables
decorators to functions that handle sensitive data.
* Defines a custom Exception Filter class to provide some added
security.
* Adds notes on logging to the docs.
Fixes bug 1004114 for Horizon.
Change-Id: I13ac91d91e0ed2322cc61633b02455cfed39fdcd
Diffstat (limited to 'horizon/exceptions.py')
-rw-r--r-- | horizon/exceptions.py | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/horizon/exceptions.py b/horizon/exceptions.py index dd7ee4658..78364bf59 100644 --- a/horizon/exceptions.py +++ b/horizon/exceptions.py @@ -24,8 +24,11 @@ import sys from django.conf import settings from django.contrib import messages +from django.http import HttpRequest from django.utils import termcolors from django.utils.translation import ugettext as _ +from django.views.debug import SafeExceptionReporterFilter, CLEANSED_SUBSTITUTE + from cloudfiles import errors as swiftclient from glanceclient.common import exceptions as glanceclient from keystoneclient import exceptions as keystoneclient @@ -36,6 +39,51 @@ LOG = logging.getLogger(__name__) PALETTE = termcolors.PALETTES[termcolors.DEFAULT_PALETTE] +class HorizonReporterFilter(SafeExceptionReporterFilter): + """ Error report filter that's always active, even in DEBUG mode. """ + def is_active(self, request): + return True + + # TODO(gabriel): When Django bug #18379 is fixed, this whole method + # can be removed: https://code.djangoproject.com/ticket/18379 + def get_traceback_frame_variables(self, request, tb_frame): + """ + Replaces the values of variables marked as sensitive with + stars (*********). + """ + func_name = tb_frame.f_code.co_name + func = tb_frame.f_globals.get(func_name) + # Methods won't be in the global namespace, func could be None here... + if func is None and "self" in tb_frame.f_locals: + func = getattr(tb_frame.f_locals.get('self'), func_name, None) + sensitive_variables = getattr(func, 'sensitive_variables', []) + cleansed = [] + if self.is_active(request) and sensitive_variables: + if sensitive_variables == '__ALL__': + # Cleanse all variables + for name, value in tb_frame.f_locals.items(): + cleansed.append((name, CLEANSED_SUBSTITUTE)) + return cleansed + else: + # Cleanse specified variables + for name, value in tb_frame.f_locals.items(): + if name in sensitive_variables: + value = CLEANSED_SUBSTITUTE + elif isinstance(value, HttpRequest): + # Cleanse the request's POST parameters. + value = self.get_request_repr(value) + cleansed.append((name, value)) + return cleansed + else: + # Cleanse only the request if it's one of the frame variables. + for name, value in tb_frame.f_locals.items(): + if isinstance(value, HttpRequest): + # Cleanse the request's POST parameters. + value = self.get_request_repr(value) + cleansed.append((name, value)) + return cleansed + + class HorizonException(Exception): """ Base exception class for distinguishing our own exception classes. """ pass |