do not include context to exception notification
The wrap_exception decorator optionally emited a notification. Based on the code comments the original intention was not to include the context to that notification due to security reasons. However the implementation did included the context to the payload of the legacy notification. Recently we saw circural reference errors during the payload serialization of this notification. Based on the logs the only complex data structure that could cause circural reference is the context. So this patch removes the context from the legacy exception notification. The versioned exception notification is not affected as it does not contain the args of the decorated function. Closes-Bug: #1673375 Change-Id: I1d217620e52d45595a3e0e49ed57b4ab33cd1688 (cherry picked from commit3bf177a59c
) (cherry picked from commita8a1915456
)
This commit is contained in:
parent
663b582ddc
commit
d0ee248bab
|
@ -86,6 +86,9 @@ def _get_call_dict(function, self, context, *args, **kw):
|
|||
# self can't be serialized and shouldn't be in the
|
||||
# payload
|
||||
call_dict.pop('self', None)
|
||||
# NOTE(gibi) remove context as well as it contains sensitive information
|
||||
# and it can also contain circular references
|
||||
call_dict.pop('context', None)
|
||||
return _cleanse_dict(call_dict)
|
||||
|
||||
|
||||
|
|
|
@ -61,6 +61,7 @@ class WrapExceptionTestCase(test.NoDBTestCase):
|
|||
self.assertEqual(3, notification.payload['args']['extra'])
|
||||
for key in ['exception', 'args']:
|
||||
self.assertIn(key, notification.payload.keys())
|
||||
self.assertNotIn('context', notification.payload['args'].keys())
|
||||
|
||||
self.assertEqual(1, len(fake_notifier.VERSIONED_NOTIFICATIONS))
|
||||
notification = fake_notifier.VERSIONED_NOTIFICATIONS[0]
|
||||
|
|
Loading…
Reference in New Issue