Contributors mailing list archives
Re: How to prevent odoo to send the entire tracebackby
Sunflower IT, Tom Blauwendraat
I did see a module in use once that hashed out the folder names
in the tracebacks, which are one of the sensitive parts. But I
cant remember which module it was.
On 1/21/22 10:07 AM, Nils Hamerlinck wrote:
You can try with a server wide module that overrides serialize_exception:
old_http_serialize_exception = http.serialize_exception
tmp = old_http_serialize_exception(e)
tmp['debug'] = 'Please check the logs for the traceback.'
if 'redacted_module' in config.get('server_wide_modules'):
_logger.debug('Overriding default serialize_exception')
http.serialize_exception = http_serialize_exception
On Fri, Jan 21, 2022 at 11:27 AM Dominique k <email@example.com> wrote:
Not sure if this is the right place to ask:Whenever there is an error, Odoo will send back a traceback (whether it is an API call, or from the browser).This could be a security issue, as a lot of data can be sent back. Is it possible to reduce the size of the traceback? - so as to prevent an attacker from retrieving any information on the server ?