URLs that use the same query string keys (like s) break the debugger

[cs19]

This is a really tiny nit I'm able to workaround but any URL that has the same query string as the special debugger URLs will break the debugger.

For example, if I have a url like http://localhost:8000/?s=1 the debugger will no longer work since the secret is overridden.

Code to do this is currently here: https://github.com/pallets/werkzeug/blob/master/src/werkzeug/debug/__init__.py#L471

Relevant lines:

cmd = request.args.get("cmd")
arg = request.args.get("f")
secret = request.args.get("s")
traceback = self.tracebacks.get(request.args.get("tb", type=int))
frame = self.frames.get(request.args.get("frm", type=int))

Would be nice if maybe the QS vars were more unique, deferred to the second key in the MultiDict, etc.

Environment:

• Python version: 3.9
• Werkzeug version: 1.0.1

[davidism]

Since this is all internal, it shouldn't matter if we rename things. Prefixing the keys with _wzd_ (to match the pin cookie name) is probably enough for now.

[davidism]

I actually can't reproduce this. The debugger doesn't keep the existing query string when making requests. All HTML, JS, and CSS requests use relative URLs, or only the path part of the current URL, for both the jQuery version and the new vanilla JS version.