On Tuesday, March 26, 2019 at 2:29:18 PM UTC-7, zm wrote:
>
> I feel like I am missing something, so forgive me if I sound sarcastic, 
> it's not intended.
>

And I hope you didn't think I was rejecting your idea; I felt it worthy of 
discussion, but I wanted you to be more specific about the concerns.
 

>
> The framework should present the ability to add an instance level filter 
> of arguments, variables, and function calls that should be redacted from 
> the ticket.  
>
> In my use case, I am concerned with the password, in other environments 
> there may be concerns of other data being exposed in variables, arguments, 
> or function calls.  For example, ABA routing / account numbers, cc numbers 
> (hopefully these would all be going through another interface), user 
> demographic information, etc.  
>
>
I can see that these would be serious items to leak.  The one 
counter-argument I can come up with is that occasionally (rarely, I hope), 
these items might be the actual issue ... perhaps a failure to have a 
proper error response for something with the wrong format, and the 
wrongness has to be seen to be understood.

There's also the complicating factor that anything in the request might be 
in the logs (one of the reasons to use POST data for sensitive items rather 
than GET vars),  or the database.  Since most of us would use Stripe or a 
similar service for payments, that part shouldn't be around, but for a 
larger system the developer could have limited access to the database, and 
that limit shouldn't be subverted by the ticket.

There's a lot to discuss here, I think.

/dps
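To make the proposal in the quoted message concrete, here is an added example of what an instance-level redaction filter for error tickets could look like. It is illustrative code written for this page, not part of web2py: the ticket layout (a dict with `traceback`, `request_vars` and `frames`), the `TicketRedactor` class, the `DEFAULT_SENSITIVE_NAMES` list and the sample data are all constructed assumptions. It does two passes: first it remembers the values stored under sensitive names, then it masks those keys and scrubs the remembered values (and Luhn-valid card-like digit runs) out of any string in the ticket, so a password that was also interpolated into a SQL string or a traceback line does not survive.

```python
import re
from typing import Any, Iterable

REDACTED = "<redacted>"

# Constructed defaults: case-insensitive substrings of dict keys (frame locals,
# function arguments, request variables) whose values must never reach a ticket.
DEFAULT_SENSITIVE_NAMES = (
    "password", "passwd", "pwd", "secret", "token", "api_key",
    "card_number", "cc_number", "routing_number", "account_number", "ssn",
)


def luhn_valid(digits: str) -> bool:
    """Luhn checksum; used to recognise card-number-like digit runs inside strings."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


class TicketRedactor:
    """Hypothetical two-pass redactor for a ticket-like nested structure."""

    # 13 to 19 digits, optionally separated by spaces or dashes, not inside a longer number
    _digit_run = re.compile(r"(?<!\d)(?:\d[ -]?){13,19}(?!\d)")

    def __init__(self, names: Iterable[str] = DEFAULT_SENSITIVE_NAMES, max_depth: int = 25):
        self.names = tuple(n.lower() for n in names)
        self.max_depth = max_depth  # guard against deeply nested or self-referential data

    def is_sensitive_name(self, key: Any) -> bool:
        k = str(key).lower()
        return any(n in k for n in self.names)

    def _collect(self, obj: Any, found: set, depth: int = 0) -> None:
        """Pass 1: remember the values stored under sensitive names."""
        if depth > self.max_depth:
            return
        if isinstance(obj, dict):
            for k, v in obj.items():
                if self.is_sensitive_name(k) and isinstance(v, str) and len(v) >= 4:
                    found.add(v)   # very short values are skipped to avoid over-matching
                else:
                    self._collect(v, found, depth + 1)
        elif isinstance(obj, (list, tuple, set, frozenset)):
            for v in obj:
                self._collect(v, found, depth + 1)

    def _scrub_string(self, s: str, secrets: set) -> str:
        # Longest secret first, so a short secret that is a substring of a longer
        # one cannot leave a recognisable fragment behind.
        for secret in sorted(secrets, key=len, reverse=True):
            s = s.replace(secret, REDACTED)

        def mask_if_card(m: re.Match) -> str:
            digits = re.sub(r"[ -]", "", m.group(0))
            return REDACTED if luhn_valid(digits) else m.group(0)

        return self._digit_run.sub(mask_if_card, s)

    def _redact(self, obj: Any, secrets: set, depth: int = 0) -> Any:
        """Pass 2: rebuild the structure with sensitive keys and values masked."""
        if depth > self.max_depth:
            return REDACTED
        if isinstance(obj, dict):
            return {k: (REDACTED if self.is_sensitive_name(k)
                        else self._redact(v, secrets, depth + 1)) for k, v in obj.items()}
        if isinstance(obj, (list, tuple, set, frozenset)):
            return type(obj)(self._redact(v, secrets, depth + 1) for v in obj)
        if isinstance(obj, str):
            return self._scrub_string(obj, secrets)
        return obj   # numbers, None, booleans pass through unchanged

    def redact(self, ticket: Any) -> Any:
        secrets: set = set()
        self._collect(ticket, secrets)
        return self._redact(ticket, secrets)


def redact_ticket(ticket: Any, names: Iterable[str] = DEFAULT_SENSITIVE_NAMES) -> Any:
    return TicketRedactor(names).redact(ticket)


# Constructed sample ticket: the password leaks into the traceback text and into a
# SQL string in the frame locals, not only under the 'password' key.
SAMPLE_TICKET = {
    "traceback": ("Traceback (most recent call last):\n"
                  "  File \"controllers/default.py\", line 12, in login\n"
                  "ValueError: invalid literal for int() with base 10: 'hunter2-s3cret'"),
    "request_vars": {"email": "alice@example.com", "password": "hunter2-s3cret"},
    "frames": [{"function": "login",
                "locals": {"email": "alice@example.com",
                           "password": "hunter2-s3cret",
                           "sql": "SELECT id FROM auth_user WHERE password='hunter2-s3cret'",
                           "card": "4111 1111 1111 1111"}}],
}

if __name__ == "__main__":
    import json
    print(json.dumps(redact_ticket(SAMPLE_TICKET), indent=2))
```

The name list is deliberately a per-instance argument so that one deployment can extend it (routing and account numbers, demographic fields) without touching the framework; the value-based second pass is what addresses the point in the thread that sensitive data may show up in places other than the variable that was named for it.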

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
