New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed #17664 -- Deprecated silencing exceptions in the {% if %} template tag. #12752
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No docs change on the if
tag?
I added a |
Rebased for Django 3.2 |
tests/auth_tests/templates/context_processors/auth_attrs_perms.html
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Erm... so... I may have missed the point but, this looks like a much more significant proposal that just, "raise exceptions". Requiring if var and...
checks everywhere is a serious regression, I'm inclined to think.
Thoughts?
<table> | ||
<caption> | ||
<a href="{{ app.app_url }}" class="section" title="{% blocktranslate with name=app.name %}Models in the {{ name }} application{% endblocktranslate %}">{{ app.name }}</a> | ||
</caption> | ||
{% for model in app.models %} | ||
<tr class="model-{{ model.object_name|lower }}{% if model.admin_url in request.path %} current-model{% endif %}"> | ||
<tr class="model-{{ model.object_name|lower }}{% if request and model.admin_url and model.admin_url in request.path %} current-model{% endif %}"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't nice, especially not if we generalize over the entire set of old templates out there that are relying on the soft-fail here: it's old as the arc that you can define an if block that simply won't show if the variable is missing.
I'm not sure that requiring if var and var.attr
everywhere is a win. (In fact, stronger than that...)
Are there alternatives? I see that if var.attr
raises (like an actual exception) we want that to raise, but can we maintain the historic/super behaviour of allowing var
to not be defined?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These checks exist to facilitate testing d522b51. In hindsight, I think it would be simpler to always pass the request
object to Django admin templates and drop the requirement on the context processor. Doing so would allow me to drop the request
checks in this template. I've done this in the latest revision, which simplifies the changes to this template.
To try and understand the implications of this I ran this against The error / warning messages don't give you an indication on where to start looking or how to go about solving it, which is an issue for me. So if we accepted this change we're asking a lot of people to do a lot of work to 'fix' their templates. Given how much feedback the Here is the impact it has (once you've managed to work out which template it is in). Take this line here
A harder example is this template. There are 36 |
https://docs.djangoproject.com/en/3.0/ref/templates/api/#how-invalid-variables-are-handled Note: The current behaviour is explained here in the docs. |
No, they are not required "everywhere", that is an exaggeration. These checks are only in There is also a typical deprecation period. Per normal procedure, this will not break existing code though the deprecation period, users will see a warning and be nudged to update their code to be future proof for after the deprecation period ends. The overall goal here is to make the Django template more robust and helpful to developers to avoid bugs. IMO, the silencing of exceptions allows bugs to go unnoticed during development and testing and only be noticed later in production -- perhaps by confused users. This brings template error handling closer to Python. For example, def foo(bar=None):
if bar is None and bar.baz():
return bar.bizzle()
return bazzle() One might say that checking if This becomes especially important for templates that expose private data. For example:
Notice the typo in the word "private". In Python, this would result in an
Can you elaborate on what you're suggesting? In the example above if Without these checks I consider the silencing of exceptions in |
Those docs explain how undefined variables are rendered. This PR is about how undefined variables are handled in |
@@ -750,9 +750,6 @@ The following checks are performed on the default | |||
must be in :setting:`MIDDLEWARE` in order to use the admin application. | |||
* **admin.E410**: :class:`django.contrib.sessions.middleware.SessionMiddleware` | |||
must be in :setting:`MIDDLEWARE` in order to use the admin application. | |||
* **admin.W411**: ``django.template.context_processors.request`` must be |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When removing a check, we should preserve a record of the code somewhere so it doesn't get reused in the future (as it could already be used in projects' SILENCED_SYSTEM_CHECKS
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That makes sense, thanks. Do you know if there is an established approach to this? Should I just leave the line as is? Move it somewhere else? Or modify it some some marker?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added *This check appeared in Django 3.1*.
which I saw done for other system checks.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah it looks like that's the mechanism right now.
Co-authored-by: rroskam <rroskam@worthwhile.com>
…ate tag. Co-authored-by: rroskam <rroskam@worthwhile.com>
Closing as per ticket. |
Thanks @raiderrobert for the orignal PR #9713.
https://code.djangoproject.com/ticket/17664