Commit Graph

246 Commits

Author SHA1 Message Date
Malcolm Tredinnick 356662cf74 Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359
See documentation in templates.txt and templates_python.txt for how everything
works.

Backwards incompatible if you're inserting raw HTML output via template variables.

Based on an original design from Simon Willison and with debugging help from Michael Radziej.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 12:58:53 +00:00
Malcolm Tredinnick fcbde3cbe5 Fixed #5712 -- Added more robustness to source code display in the debug view. Our behaviour is a bit more PEP 263 compliant now, too. Thanks, Thomas Güttler.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6585 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-21 18:15:01 +00:00
Adrian Holovaty 285cc6f101 Fixed #5046 -- Added 'Unicode error hint' section to debug page in the case of a UnicodeError. Thanks, Thomas Guttler
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5862 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-12 03:23:53 +00:00
Malcolm Tredinnick 953badbea5 Merged Unicode branch into trunk (r4952:5608). This should be fully
backwards compatible for all practical purposes.

Fixed #2391, #2489, #2996, #3322, #3344, #3370, #3406, #3432, #3454, #3492, #3582, #3690, #3878, #3891, #3937, #4039, #4141, #4227, #4286, #4291, #4300, #4452, #4702


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-04 12:11:04 +00:00
Malcolm Tredinnick 880e3cfaa6 Backed out the changes in [5482] for a bit whilst some more investigation into
side-effects is done. Refs #4565.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5511 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-22 07:15:04 +00:00
Malcolm Tredinnick bccb8897e6 Fixed #4565 -- Changed template rendering to use iterators, rather than
creating large strings, as much as possible. This is all backwards compatible.
Thanks, Brian Harring.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-17 07:11:37 +00:00
Malcolm Tredinnick ca6e4f345e Fixed #4335 -- Added Python executable binary path and version to debug output.
Thanks, Pete Crosier.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-10 04:02:29 +00:00
Malcolm Tredinnick 43cd7bb110 Fixed #3734 -- Added support for import hooks to the debugging traceback
output. Also respect hidden traceback frames. Thanks to Armin Ronacher.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5051 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-21 04:37:31 +00:00
Adrian Holovaty 0e0a1dc0b7 Fixed #3942 -- Fixed potential confusion on debug 404 page by stripping initial slash from the display of the current URL. Thanks, Collin Grady
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4959 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-09 01:10:26 +00:00
Adrian Holovaty 41d11a685f Fixed #2968 -- Changed arguments to __import__ to use empty dictionary instead of empty string, for stricter compliance with Python library reference. Thanks for the patch, Yasushi Masuda
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3951 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-10-30 20:50:27 +00:00
Malcolm Tredinnick 8f7ab8efed Avoid displaying the profanities list in the debug output. Makes it a bit more
"safe for work".


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3813 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-24 10:30:15 +00:00
Adrian Holovaty 6417d6c7c3 Added some escaping of request.path to django/views/debug.py. Thanks, Simon Greenhill
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3722 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-05 00:26:14 +00:00
Adrian Holovaty b7a352d78f Changed template names from [3707] to remove initial caps, to fit our style.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3718 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-04 23:49:14 +00:00
Russell Keith-Magee d043200077 Refs #2333 - Re-added the template rendering signal for testing purposes; however, the signal is not available during normal operation. It is only added as part of an instrumentation step that occurs during test framework setup. Previous attempt (r3659) was reverted (r3666) due to performance concerns.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-02 09:26:24 +00:00
Adrian Holovaty 2c2653db9f Reverted [3659], the 'name' field on Template objects and the signal emitted whenever a template is rendered. Refs #2333.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3666 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-08-27 18:10:32 +00:00
Russell Keith-Magee 89fa97b837 Refs #2333 - Added a signal that is emitted whenever a template is rendered, and added a 'name' field to Template to allow easy identification of templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-08-27 12:35:07 +00:00
Jacob Kaplan-Moss a926046ba6 Second half of little cleanup tweaks suggested by pyflakes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3414 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-07-21 20:39:17 +00:00
Jacob Kaplan-Moss e9a236d86c Fixed #2092: added a "is_secure()" method to HttpRequest which correctly handles the subtleties of mod_python's interaction with os.environ. This one's been bugging me for about a *year*, so many many thanks to k.shaposhnikov@gmail.com for figuring it out, and Tim Shaffer for pointing out this ticket.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3410 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-07-21 16:20:22 +00:00
Malcolm Tredinnick d5377fc813 Fixed #2153 -- display debugging template even if no stack frame is found.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3127 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-06-14 11:44:56 +00:00
Adrian Holovaty 885dd85b5f Fixed #1785 -- debug view no longer assumes _get_lines_from_file returns None. Thanks, django@binaryfeed.org
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2864 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-05-06 23:18:22 +00:00
Adrian Holovaty cc4196a407 Fixed #1059 -- Fixed off-by-one line number in heading of debug error pages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2815 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-05-02 18:44:22 +00:00
Adrian Holovaty f69cf70ed8 MERGED MAGIC-REMOVAL BRANCH TO TRUNK. This change is highly backwards-incompatible. Please read http://code.djangoproject.com/wiki/RemovingTheMagic for upgrade instructions.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-05-02 01:31:56 +00:00
Adrian Holovaty 074299db83 Fixed #1420 -- Added copy-and-paste (pastebin-friendly) toggle for debug view. Thanks, jpaulofarias
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-02-28 15:52:57 +00:00
Adrian Holovaty 47f040d2eb Fixed #1059 -- Fixed line numbers off-by-one error in debug output
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-02-27 22:23:24 +00:00
Adrian Holovaty c12c225a66 Fixed a bunch of errors detected by pychecker -- unneeded imports and shadows of builtin variable names
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2058 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-01-19 01:06:12 +00:00
Adrian Holovaty 170c3be4b3 Changed debug error view to escape the exception value, so that values in angle brackets aren't hidden by browsers
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1825 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-01-05 16:28:25 +00:00
Adrian Holovaty d06a12406b Fixed #998 -- Fixed edge-case bug in debug view for templates with only one line. Thanks, andy@jadedplanet.net
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1578 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-12-09 02:35:38 +00:00
Adrian Holovaty 668e8b3df9 Added 'It worked' page, in a empty_urlconf() view in views/debug.py. It's called if the URLconf is empty.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1565 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-12-07 06:02:09 +00:00
Adrian Holovaty 85c369001b Debug 400 page now displays special error message if your URLconf is empty.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1552 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-12-06 05:04:56 +00:00
Georg Bauer ca683d8ca5 now really fixed the source formatting. brought to you by the magics of IRC-based pair programming
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1407 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-25 00:04:06 +00:00
Georg Bauer eff2a1fde2 just another small fix to the template_debug layout
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1406 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-24 23:35:28 +00:00
Georg Bauer 73766b1f88 fixed debug view for templates so it starts counting with 1
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1405 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-24 23:31:33 +00:00
Georg Bauer f0fbd43a57 small fix to the template_debug stuff, it was dropping last characters and didn't split the first line correctly
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1403 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-24 22:57:04 +00:00
Adrian Holovaty d922825156 Fixed #892 -- TemplateDoesNotExist errors now get a 'Template-loader postmortem' section on the pretty debug page. Thanks for the idea, David Ascher
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1400 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-24 21:15:51 +00:00
Georg Bauer eab4a22596 changed the linebreaks_iter function to use str.find instead of re.finditer, because the latter one has problems with Python 2.3
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1385 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-24 00:06:36 +00:00
Adrian Holovaty 39eac9bdff Added Wilson's HTML tweaks to the template error screen
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1381 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-23 23:15:52 +00:00
Adrian Holovaty 21f2d842fa Added Wilson's CSS tweaks to the template error screen
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1380 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-23 23:12:24 +00:00
Adrian Holovaty 5d863f1fbd Fixed #603 -- Added template debugging errors to pretty error-page output, if TEMPLATE_DEBUG setting is True. Also refactored FilterParser for a significant speed increase and changed the template_loader interface so that it returns information about the loader. Taken from new-admin. Thanks rjwittams and crew
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1379 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-23 23:10:17 +00:00
Adrian Holovaty ceecf0f7de Fixed #874 -- Changed debug views to use text/html mime-type instead of DEFAULT_CONTENT_TYPE. Thanks, Sune
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-22 14:22:02 +00:00
Adrian Holovaty b5feff3963 Fixed #842 -- 500 error view no longer breaks for local variable named 'items'. Thanks, rjwittams
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1297 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-20 05:17:15 +00:00
Jacob Kaplan-Moss 3bbc2bd091 Fixed #825; thanks for the suggestions, aaronsw
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1276 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-17 15:27:19 +00:00
Jacob Kaplan-Moss bb505a87ac Fixed #823 - cleaned up invalid HTML in debug error template. Thanks, Sune
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1273 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-17 14:19:33 +00:00
Adrian Holovaty b1603563a3 Fixed #822 -- Changed 500 view to use disclosure triangles instead of up/down arrows. Thanks, aaronsw
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-17 03:10:03 +00:00
Jacob Kaplan-Moss d6aa904487 Fixed #799: any setting with "SECRET" or "PASSWORD" in the name is escaped in the debug view output (this can be expanded if there are other "naughty words" we want to strip out in the future. Thanks, Ian
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1242 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-15 14:35:24 +00:00
Jacob Kaplan-Moss 065dd334de Added NOINDEX tag to debug 500 page (for robots)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1234 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-14 18:50:13 +00:00
Jacob Kaplan-Moss 0710243ea1 Added "pretty" error pages to be used when DEBUG is True.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1233 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-14 17:44:50 +00:00