I have a Django site that takes in sensitive information. I use https/SSL, so I’m pretty good on that stuff. However, I had an unhandled error today that occurred on a POST of some information. Upon reviewing the error report that was emailed to me, I realized (much to my horror) that the sensitive information had gone across the wire (in the email) unencrypted.
I’ve done a few searches on Google, but am not really finding much information on this topic. It seems like I could probably implement my own exception handler and plug it into:
from django.core.handlers.base import BaseHandler
But all I really want to do is to strip out the information from the request.POST on certain views. Seems like maybe I could create a decorator for views that will contain posted information that I don’t want included in the emails.
What’s the best way to handle this?
EDIT: Adding version information.
I’m currently using Django 1.3.1 with a PostgreSQL 9.1 database (not that it probably matters here).
Django might have you already covered in this; it provides hooks for filtering sensitive information:
https://docs.djangoproject.com/en/dev/howto/error-reporting/#filtering-error-reports