Fixed #35646 -- Extended SafeExceptionReporterFilter.hidden_settings to treat AUTH as a sensitive match.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-10-31 09:41:08 +00:00 · 2024-07-31 11:44:49 -03:00
parent 615c80aba6
commit aa90795050
4 changed files with 11 additions and 4 deletions
--- a/tests/view_tests/tests/test_debug.py
+++ b/tests/view_tests/tests/test_debug.py
@@ -1557,7 +1557,8 @@ class ExceptionReporterFilterTests(
        "SECRET_KEY_FALLBACKS",
        "PASSWORD",
        "API_KEY",
-        "AUTH_TOKEN",
+        "SOME_TOKEN",
+        "MY_AUTH",
    ]

    def test_non_sensitive_request(self):
@@ -1885,6 +1886,7 @@ class ExceptionReporterFilterTests(
            "PASSWORD": "super secret",
            "SECRET_VALUE": "super secret",
            "SOME_TOKEN": "super secret",
+            "THE_AUTH": "super secret",
        }
        request = self.rf.get("/", headers=headers)
        reporter_filter = SafeExceptionReporterFilter()