Menu
I'm running Django 1.0 and I'm close to deploying my app. As such, I'll be changing the DEBUG setting to False.
With that being said, I'd still like to include the stacktrace on my 500.html page when errors occur. By doing so, users can copy-and-paste the errors and easily email them to the developers.
Any thoughts on how best to approach this issue?
571
There are two options. By default, Django’s template loader will look within each app for related templates. However the structure is somewhat confusing: each app needs a new templates directory, another directory with the same name as the app, and then the template file.
Handler 500 is the built-in view. This will allow us to handle the 500 internal server errors using the custom template created by us. This command will install the latest Django package into your local machine. This command will create new project.
This is the template whose base code you want to use for other templates. (2) Next, you need to add the Django extend block content tags where each of the other templates will be loaded in. (3) Finally, you need to extend the first template at the top of the other templates and add a matching set of Django extend block tags to the other templates
The startproject command creates a new project configured for local development via the file django_project/settings.py. This ease-of-use means when it does come time to push the project into production, a number of settings have to be changed. One of these is the web server.
Automatically log your 500s, that way:
Joel recommends even going so far as automatically creating tickets in your bug tracker when your application experiences a failure. Personally, I create a (private) RSS feed with the stacktraces, urls, etc. that the developers can subscribe to.
Showing stack traces to your users on the other hand could possibly leak information that malicious users could use to attack your site. Overly detailed error messages are one of the classic stepping stones to SQL injection attacks.
Edit (added code sample to capture traceback):
You can get the exception information from the sys.exc_info call. While formatting the traceback for display comes from the traceback module:
import traceback import sys try: raise Exception("Message") except: type, value, tb = sys.exc_info() print >> sys.stderr, type.__name__, ":", value print >> sys.stderr, '\n'.join(traceback.format_tb(tb)) Prints:
Exception : Message File "exception.py", line 5, in <module> raise Exception("Message") As @zacherates says, you really don't want to display a stacktrace to your users. The easiest approach to this problem is what Django does by default if you have yourself and your developers listed in the ADMINS setting with email addresses; it sends an email to everyone in that list with the full stack trace (and more) everytime there is a 500 error with DEBUG = False.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
