Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #15025 - template debug fails if there's a callable local var t…

…hat generates an exception

Thanks to Tai Lee for the patch and report, also to Don Spaulding.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15187 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 80f48260630c3db98f6e0af282bc339eba999009 1 parent e1ede21
@spookylukey spookylukey authored
Showing with 10 additions and 2 deletions.
  1. +5 −2 django/views/debug.py
  2. +5 −0 tests/regressiontests/views/views.py
View
7 django/views/debug.py
@@ -8,11 +8,11 @@
from django.http import HttpResponse, HttpResponseServerError, HttpResponseNotFound
from django.template import (Template, Context, TemplateDoesNotExist,
TemplateSyntaxError)
+from django.template.defaultfilters import force_escape, pprint
from django.utils.html import escape
from django.utils.importlib import import_module
from django.utils.encoding import smart_unicode, smart_str
-
HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST|SIGNATURE')
def linebreak_iter(template_source):
@@ -109,6 +109,9 @@ def get_traceback_html(self):
self.get_template_exception_info()
frames = self.get_traceback_frames()
+ for i, frame in enumerate(frames):
+ frame['vars'] = [(k, force_escape(pprint(v))) for k, v in frame['vars']]
+ frames[i] = frame
unicode_hint = ''
if issubclass(self.exc_type, UnicodeError):
@@ -547,7 +550,7 @@ def empty_urlconf(request):
{% for var in frame.vars|dictsort:"0" %}
<tr>
<td>{{ var.0|force_escape }}</td>
- <td class="code"><pre>{{ var.1|pprint|force_escape }}</pre></td>
+ <td class="code"><pre>{{ var.1 }}</pre></td>
</tr>
{% endfor %}
</tbody>
View
5 tests/regressiontests/views/views.py
@@ -36,6 +36,11 @@ def save(self, *args, **kwargs):
form_class=SlugChangingArticleForm)
def raises(request):
+ # Make sure that a callable that raises an exception in the stack frame's
+ # local vars won't hijack the technical 500 response. See:
+ # http://code.djangoproject.com/ticket/15025
+ def callable():
+ raise Exception
try:
raise Exception
except Exception:
Please sign in to comment.
Something went wrong with that request. Please try again.