Commit Graph

193 Commits

Author SHA1 Message Date
Jon Dufresne 348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page. 2016-07-24 18:18:57 +02:00
Tim Graham 93c538694e Fixed XSS in admin's add/change related popup.
This is a security fix.
2016-07-18 11:17:01 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
Tim Graham 2cd2d18851 Fixed W503 flake8 warnings. 2016-04-04 17:14:26 -04:00
Andrew Kuchev e81d1c995c Fixed #25670 -- Allowed dictsort to sort a list of lists.
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
François Freitag 16a88b4429 Fixed #26209 -- Masked sensitive settings in debug reports regardless of case. 2016-02-11 18:13:03 -05:00
pp c8d970a548 Refs #25755 -- Unified a couple more spellings of 'website'. 2016-01-11 06:13:16 -05:00
Marten Kenbeek 16411b8400 Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
John Moses 2b6344e944 Fixed #25037 -- Added request.user to the debug view. 2015-10-05 09:36:42 -04:00
Tim Graham fd1e54b923 Removed unused views.debug.linebreak_iter() function. 2015-09-24 09:15:55 -04:00
Dražen Odobašić b1e33ceced Fixed #23395 -- Limited line lengths to 119 characters. 2015-09-12 11:40:50 -04:00
Vlastimil Zíma cf29b6b561 Fixed #25099 -- Fixed crash in AdminEmailHandler on DisallowedHost. 2015-09-04 09:24:21 -04:00
Tim Graham a3830f6d66 Refs #25236 -- Removed ifequal/ifnotequal usage. 2015-08-08 07:33:15 -04:00
Tim Graham d7848c11e0 Fixed #25147 -- Fixed debug view copy-paste/interactive toggle.
The whitespace added in 1101467ce0
broke the initial comparison.
2015-07-20 11:52:21 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
Tim Graham 6bdd3840be Improved whitespace in debug templates.
Removed extra blank lines in the template text debug template,
and prevented overindentation in the HTML debug template.
2015-07-13 19:22:39 -04:00
Tomáš Ehrlich 59383f1e3a Ref #23643 -- Added plain text report of exception chain. 2015-06-01 08:23:54 -04:00
Luca Ferroni 38eacbde62 Refs #23643 -- Fixed debug view regression on Python 2.
Thanks Tomáš Ehrlich for help with the patch.
2015-05-29 11:29:32 -04:00
Preston Timmons adff499e47 Fixed #24119, #24120 -- Formalized debug integration for template backends. 2015-05-06 17:33:47 -05:00
Preston Timmons 65a7a0d9ee Improved display of template loader postmortem on debug page.
This now works for multiple Django engines and recursive loaders.
Support for non-Django engines is still pending.

Refs #15053.
2015-04-22 14:49:00 -05:00
Curtis Maloney 14ecbd02a3 Removed cases of six.iter* wrapped in a list()
There's absolutely no advantage [and a mild performance hit] to using six.iter*
in these cases.
2015-04-18 23:29:29 +10:00
andy matthews b4da88b126 Fixed #24440 -- Added padding to debug view stacktrace lines. 2015-03-23 11:17:17 -04:00
Preston Timmons 55f12f8709 Cleaned up the template debug implementation.
This patch does three major things:

* Merges the django.template.debug implementation into django.template.base.

* Simplifies the debug implementation.

  The old implementation copied debug information to every token and node.
  The django_template_source attribute was set in multiple places, some
  quite hacky, like django.template.defaulttags.ForNode.

  Debug information is now annotated in two high-level places:

  * Template.compile_nodelist for errors during parsing
  * Node.render_annotated for errors during rendering

  These were chosen because they have access to the template and context
  as well as to all exceptions that happen during either the parse or
  render phase.

* Moves the contextual line traceback information creation from
  django.views.debug into django.template.base.Template. The debug views now
  only deal with the presentation of the debug information.
2015-03-20 08:58:07 -04:00
Tomáš Ehrlich 8414fcf16b Fixes #23643 -- Added chained exception details to debug view. 2015-03-14 16:08:23 -04:00
Bas Peschier 756cee46d2 Fixed #24455 -- Fixed crash in debug view with lazy objects 2015-03-09 20:30:01 -04:00
Preston Timmons 70123cf084 Fixed #24399 -- Made filesystem loaders use more specific exceptions. 2015-03-03 21:20:46 +01:00
Aymeric Augustin c7a6996df7 Fixed a crash of the debug page.
During the autumn DST change, the template engine would fail to convert
the naive representation of now when USE_TZ = True. Passing now in UTC
eliminates the issue.

Thanks mbertheau and tricoder42.

Refs #23714.
2015-02-10 21:37:53 +01:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Aymeric Augustin 27f9ff459b Caught all exceptions raised by Engine.get_default().
In addition to ImproperlyConfigured, Engine.get_default() may also raise
ImportError or other exceptions. It's better to catch all exceptions in
places where the default engine isn't strictly required.
2015-02-05 20:06:18 +01:00
Aymeric Augustin 6b5113ec94 Made debug views not crash when there isn't a default template engine. 2015-01-12 21:01:34 +01:00
Aymeric Augustin cf0fd65ed4 Deprecated TEMPLATE_LOADERS. 2014-12-28 17:02:30 +01:00
Jon Dufresne 4468c08d70 Fixed #23968 -- Replaced list comprehension with generators and dict comprehension 2014-12-08 07:58:23 -05:00
Aymeric Augustin 18533fb558 Removed direct references to template-related settings. 2014-11-23 11:54:22 +01:00
Aymeric Augustin 29a977ab14 Moved template loaders management in Engine.
Passed the engine instance to loaders. This is a prerequisite for
looking up configuration on the engine instance instead of global
settings.

This is backwards incompatible for custom template loaders that override
__init__. However the documentation doesn't talk about __init__ and the
way to pass arguments to custom template loaders isn't specified. I'm
considering it a private API.
2014-11-23 11:52:12 +01:00
Aymeric Augustin 0900815097 Simplified caching of the default exception reporter filter.
Also simplified the logic under the assumption that a false-ish object
won't have an exception_reporter_filter attribute.
2014-11-19 21:35:40 +01:00
Aymeric Augustin 9eeb788cfb Refactored getting the list of template loaders.
This provides the opportunity to move utility functions specific to the
Django Template Language outside of django.template.loader.
2014-11-16 21:41:44 +01:00
Tim Graham 1101467ce0 Limited lines to 119 characters in django/
refs #23395.
2014-09-05 09:22:16 -04:00
Walter Doekes e0e28bfe71 Fixed #20368 -- Made TECHNICAL_500 more robust against bad input.
This limits large variables and avoids non-utf-8 in the TECHNICAL_500 output.
2014-08-13 12:56:26 -04:00
Hiroki KIYOHARA d0889863de Fixed code to solve #23070 problem
Added a class to wrap callable in settings:
* Not to call in the debug page (#21345).
* Not to break the debug page if the callable forbidding to set attributes (#23070).

Thanks @bmispelon for giving me some advice.
2014-07-26 12:35:51 +02:00
Julia Matsieva 29c1151a55 Fixed #22756 -- Added view name to technical 404 template if Http404 is raised.
Thanks Keryn Knight for the suggestion.
2014-06-30 15:34:35 -04:00
Anubhav Joshi dbbcfca476 Fixed #21668 -- Return detailed error page when SuspiciousOperation is raised and DEBUG=True
Thanks GDorn and gox21 for report.

Thanks Tim Graham for idea and review.
2014-06-24 08:55:36 -04:00
Claude Paroz 43372fc7aa Prevented markup escape in 'Welcome to Django' page
Fixes a regression introduced in 5f24cf9705. Refs #22635.
Thanks A.J. May for spotting the regression.
2014-06-12 08:42:02 +02:00
Markus Amalthea Magnuson 5f24cf9705 Fixed #22635 -- Made "It worked!" page localizable. 2014-05-19 01:05:19 +02:00
Maxime Turcotte 5e4e0b6fe9 Fixed #22306 -- Deprecated future versions of cycle and firstof template tags. 2014-03-28 18:55:06 -04:00
Tim Graham aa93a1890f Removed contrib.comments per deprecation timeline. 2014-03-21 07:05:36 -04:00
Alex Gaynor cd7f37b647 Corrected a pair of flake8 violations 2014-02-15 10:42:12 -08:00
Grzegorz Nosek 0b6f9f7c6f Improved fix for #18373 -- backward compatibility
Commit 79558c78 cleaned up the (undocumented) interface of Resolver404
exception, which breaks compatibility with code messing with .args[0]
directly. Revert the cleanup part and simply leave the fix itself.
2014-02-15 17:51:18 +01:00
Tim Graham 65b421c661 Fixed some flake8 errors from recent commits. 2014-02-15 11:21:15 -05:00
Grzegorz Nosek 79558c787e Fixed #18373 - improved handling of Resolver404s from views
When django.core.urlresolvers.resolve was called from a view, failed
and the exception was propagated and rendered by technical_404_response,
the URL mentioned on the page was the current URL instead of the URL
passed to resolve().

Fixed by using the path attribute from the Resolver404 exception instead
of request.path_info. Also cleaned up the exceptions to use standard
named parameters instead of stuffing a dict in args[0]
2014-02-15 15:56:04 +01:00