From 80f48260630c3db98f6e0af282bc339eba999009 Mon Sep 17 00:00:00 2001 From: Luke Plant Date: Thu, 13 Jan 2011 13:47:03 +0000 Subject: [PATCH] Fixed #15025 - template debug fails if there's a callable local var that generates an exception Thanks to Tai Lee for the patch and report, also to Don Spaulding. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15187 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/views/debug.py | 7 +++++-- tests/regressiontests/views/views.py | 5 +++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/django/views/debug.py b/django/views/debug.py index 233f694b21..15109840b1 100644 --- a/django/views/debug.py +++ b/django/views/debug.py @@ -8,11 +8,11 @@ from django.conf import settings from django.http import HttpResponse, HttpResponseServerError, HttpResponseNotFound from django.template import (Template, Context, TemplateDoesNotExist, TemplateSyntaxError) +from django.template.defaultfilters import force_escape, pprint from django.utils.html import escape from django.utils.importlib import import_module from django.utils.encoding import smart_unicode, smart_str - HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST|SIGNATURE') def linebreak_iter(template_source): @@ -109,6 +109,9 @@ class ExceptionReporter: self.get_template_exception_info() frames = self.get_traceback_frames() + for i, frame in enumerate(frames): + frame['vars'] = [(k, force_escape(pprint(v))) for k, v in frame['vars']] + frames[i] = frame unicode_hint = '' if issubclass(self.exc_type, UnicodeError): @@ -547,7 +550,7 @@ TECHNICAL_500_TEMPLATE = """ {% for var in frame.vars|dictsort:"0" %} {{ var.0|force_escape }} -
{{ var.1|pprint|force_escape }}
+
{{ var.1 }}
{% endfor %} diff --git a/tests/regressiontests/views/views.py b/tests/regressiontests/views/views.py index e4e7c3d4e4..622e5f6442 100644 --- a/tests/regressiontests/views/views.py +++ b/tests/regressiontests/views/views.py @@ -36,6 +36,11 @@ def custom_create(request): form_class=SlugChangingArticleForm) def raises(request): + # Make sure that a callable that raises an exception in the stack frame's + # local vars won't hijack the technical 500 response. See: + # http://code.djangoproject.com/ticket/15025 + def callable(): + raise Exception try: raise Exception except Exception: