Added REQUEST_LOGGING_SENSITIVE_VIEWS configuration option #117
Conversation
# Conflicts: # request_logging/decorators.py # request_logging/middleware.py # requirements-dev.txt # test_urls.py
Removed wrongly merged function
There was a problem hiding this comment.
Apologies, but I don't understand what this is doing. This is what currently is in the latest release.
https://github.com/Rhumbix/django-request-logging/blob/master/request_logging/middleware.py#L19-L24
Could you please clarify or close the request? Thanks.
|
Hi, In the quoted code, the filtering is based on specific header names. The proposed CR filters based on the view that handles the request, thus being content agnostic. A good example is dj-rest-auth which is used (among others) to authenticate via REST. Currently there is no way to filter the request (which is JSON based), and there is no way to add the decorator in the dj-rest-auth package. However by using the proposed CR adding the following code in settings.py it filters the request/response data as needed.
|
There are cases (mainly in 3rd party modules) where the source cannot be edited to add the no_logging decorator for sensitive views. For this reason, a complementary REQUEST_LOGGING_SENSITIVE_VIEWS is added which contains the fully qualified name of the view (or view method in case of class based views) which does the same thing as the decorator.