How to mitigate the security issue of streamlit displaying stack traces
By default, streamlit is displaying stack traces to the user. For me this is considered a high risk security breach as it displays code to a user. They may be able to access secrets or other dangerous info from the code.
At the moment I run my entire app in a try/except block to mitigate this.
I have two questions:
- Is this the accepted method for hiding the stack trace from users?
- Is there any way that a stacktrace could still be shown to a user?
Thanks for any advice
My current setup
if __name__ == "__main__": try: # method to run the app run() except Exception as e: st.error( "An error occurred during this operation. Please reload the page and try again." ) logging.exception("Exception caught at while running app")