From: Ben Darnell <ben@bendarnell.com>
Date: Sun, 3 Jul 2011 17:53:03 +0000 (-0700)
Subject: Better handling of errors not generated by an exception; add to release notes
X-Git-Tag: v2.1.0~130
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1e4f323620659e4a77f032bfbc9680fb1d43197d;p=thirdparty%2Ftornado.git

Better handling of errors not generated by an exception; add to release notes
---

diff --git a/tornado/web.py b/tornado/web.py
index 629d8a5fa..d43697549 100644
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -657,7 +657,7 @@ class RequestHandler(object):
         If this error was caused by an uncaught exception, the
         exception object can be found in kwargs e.g. kwargs['exception']
         """
-        if self.settings.get("debug"):
+        if self.settings.get("debug") and "exception" in kwargs:
             # in debug mode, try to send a traceback
             self.set_header('Content-Type', 'text/plain')
             return traceback.format_exc()
diff --git a/website/sphinx/releases/next.rst b/website/sphinx/releases/next.rst
index 54ed8ede6..f9d56abaa 100644
--- a/website/sphinx/releases/next.rst
+++ b/website/sphinx/releases/next.rst
@@ -10,6 +10,9 @@ Backwards-incompatible changes
 * Support for secure cookies written by pre-1.0 releases of Tornado has
   been removed.  The `RequestHandler.get_secure_cookie` method no longer
   takes an ``include_name`` parameter.
+* The ``debug`` application setting now causes stack traces to be displayed
+  in the browser on uncaught exceptions.  Since this may leak sensitive
+  information, debug mode is not recommended for public-facing servers.
 
 New features
 ~~~~~~~~~~~~