djblets.privacy.pii¶
Functions for safeguarding personally identifiable information.
- DEFAULT_PII_UNSAFE_URL_KEYWORDS = ('user', 'mail')¶
A default list of unsafe keywords for URL patterns and querysets.
- build_pii_safe_page_url(url, url_kwargs=None, query_dict=None, unsafe_keywords=None)¶
Return the current page URL with personal information redacted.
This takes a URL and keywords used to match and build components of that URL and and looks for information to redact. It does this by inspecting
url_kwargs
and looking for any that contain certain keywords (“user” and “mail” by default) or could be e-mail addresses (containing a “@”), replacing them with “<REDACTED>”. The redaction also applies to keys in the query string (ifquery_dict
is provided).This can be used for services like Google Analytics, logging, or other purposes where a rough URL is needed that does not need to directly identify a specific location.
Custom keywords can be set using the
settings.DJBLETS_PII_UNSAFE_URL_KEYWORDS
setting.- Parameters:
url (
unicode
) – The URL to make safe.url_kwargs (
dict
, optional) – A dictionary of keywords to values found in the URL. These keywords are matched against the list of unsafe keywords.query_dict (
django.http.QueryDict
, optional) – An optional query dictionary representing a parsed querystring. If provided, the result will be appended to the URL.unsafe_keywords (
set
, optional) – Custom keywords to match that are considered unsafe. This replaces the default keywords.
- Returns:
The safe URL stripped of identifying information.
- Return type:
- build_pii_safe_page_url_for_request(request, unsafe_keywords=None)¶
Return the current page URL with personal information redacted.
This wraps
build_pii_safe_page_url()
, returning a PII-safe URL based on the URL pattern used for the current page.- Parameters:
request (
django.http.HttpRequest
) – The HTTP request from the client.unsafe_keywords (
set
, optional) – Custom keywords to match that are considered unsafe. This replaces the default keywords.
- Returns:
The safe URL stripped of identifying information.
- Return type: