Working with Personally Identifiable Information¶

Personally Identifiable Information, or PII, is information that can be used by itself or along with other information to point to or track an individual person. For EU users protected by the GDPR, this information must be kept safe and can only be used with a valid legal justification (such as consent).

Djblets provides utilities for safely working with PII.

PII-Safe URLs¶

build_pii_safe_page_url() generates a URL based on the current page URL that redacts any PII that’s found. It does this by looking for certain keywords within both the URL pattern for the current URL and the query string and, if found, redacting the values.

By default, this attempts to find any keywords containing user or mail anywhere in them, or any values containing a @ character (which may be an e-mail address).

When found, the value for that keyword is set to <REDACTED>.

For example:

>>> from django.http import QueryDict
>>> from djblets.privacy.pii import build_pii_safe_page_url
>>>
>>> build_pii_safe_page_url(
...     url='https://example.com/users/test-user/',
...     url_kwargs={
...         'username': 'test-user',
...     },
...     query_dict=QueryDict('email=test@example.com'))
'https://example.com/users/<REDACTED>/?email=<REDACTED>'

Callers can pass a custom list of keywords through the unsafe_keywords= argument to build_pii_safe_page_url(), or set it globally in settings.py:

DJBLETS_PII_UNSAFE_URL_KEYWORDS = ['user', 'mail', 'uid']

If working with an HttpRequest, you can simplify this by using build_pii_safe_page_url_for_request():

from djblets.privacy.pii import build_pii_safe_page_url_for_request

def my_view(request):
    url = build_pii_safe_page_url_for_request(request)
    ...

If you need a URL in a template, you don’t need to compute it in the view. You can use the {% pii_safe_page_url %} template tag:

{% load djblets_privacy %}
{% pii_safe_page_url %}