Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #4947 -- Avoid displaying uploaded file contents in the debug w…

…eb page. Based on a patch from eibaan@gmail.com.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@5874 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 3757f30c99838783402b54d1cfd41958d1493aad 1 parent 78dfdd5
@malcolmt malcolmt authored
View
1  AUTHORS
@@ -101,6 +101,7 @@ answer newbie questions, and generally made Django that much better:
dusk@woofle.net
Andy Dustman <farcepest@gmail.com>
Clint Ecker
+ eibaan@gmail.com
enlight
Enrico <rico.bl@gmail.com>
A. Murat Eren <meren@pardus.org.tr>
View
6 django/http/__init__.py
@@ -2,7 +2,7 @@
from Cookie import SimpleCookie
from pprint import pformat
from urllib import urlencode
-from django.utils.datastructures import MultiValueDict
+from django.utils.datastructures import MultiValueDict, FileDict
from django.utils.encoding import smart_str, iri_to_uri, force_unicode
RESERVED_CHARS="!*'();:@&=+$,/?%#[]"
@@ -88,11 +88,11 @@ def parse_file_upload(header_dict, post_data):
# directory separator, which may not be the same as the
# client's one.)
filename = name_dict['filename'][name_dict['filename'].rfind("\\")+1:]
- FILES.appendlist(name_dict['name'], {
+ FILES.appendlist(name_dict['name'], FileDict({
'filename': filename,
'content-type': 'Content-Type' in submessage and submessage['Content-Type'] or None,
'content': submessage.get_payload(),
- })
+ }))
else:
POST.appendlist(name_dict['name'], submessage.get_payload())
return POST, FILES
View
13 django/utils/datastructures.py
@@ -267,3 +267,16 @@ def __init__(self, key_to_list_mapping):
current[bits[-1]] = v
except TypeError: # Special-case if current isn't a dict.
current = {bits[-1] : v}
+
+class FileDict(dict):
+ """
+ A dictionary used to hold uploaded file contents. The only special feature
+ here is that repr() of this object won't dump the entire contents of the
+ file to the output. A handy safeguard for a large file upload.
+ """
+ def __repr__(self):
+ if 'content' in self:
+ d = dict(self, content='<omitted>')
+ return dict.__repr__(d)
+ return dict.__repr__(self)
+
View
9 tests/regressiontests/datastructures/tests.py
@@ -64,4 +64,13 @@
['Holovaty']
>>> d['person']['2']['firstname']
['Adrian']
+
+### FileDict ################################################################
+
+>>> d = FileDict({'content': 'once upon a time...'})
+>>> repr(d)
+"{'content': '<omitted>'}"
+>>> d = FileDict({'other-key': 'once upon a time...'})
+>>> repr(d)
+"{'other-key': 'once upon a time...'}"
"""

0 comments on commit 3757f30

Please sign in to comment.
Something went wrong with that request. Please try again.