p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed #20819 -- Return 404 instead of 500 error when ``staticfiles`` view is used in production.

This commit is contained in:
Tai Lee 2013-07-31 17:11:49 +10:00
parent 5154c9f92c
commit 4c6ffcf721
4 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
django/contrib/staticfiles/views.py
View File

@ -11,7 +11,6 @@ except ImportError: # Python 2
from urllib import unquote from urllib import unquote
from django.conf import settings from django.conf import settings
from django.core.exceptions import ImproperlyConfigured
from django.http import Http404 from django.http import Http404
from django.views import static from django.views import static
@ -31,9 +30,7 @@ def serve(request, path, insecure=False, **kwargs):
It uses the django.views.static view to serve the found files. It uses the django.views.static view to serve the found files.
""" """
if not settings.DEBUG and not insecure: if not settings.DEBUG and not insecure:
raise ImproperlyConfigured("The staticfiles view can only be used in " raise Http404
"debug mode or if the --insecure "
"option of 'runserver' is used")
normalized_path = posixpath.normpath(unquote(path)).lstrip('/') normalized_path = posixpath.normpath(unquote(path)).lstrip('/')
absolute_path = finders.find(normalized_path) absolute_path = finders.find(normalized_path)
if not absolute_path: if not absolute_path:

6
docs/ref/contrib/staticfiles.txt
View File

@ -350,6 +350,12 @@ This view function serves static files in development.
**insecure**. This is only intended for local development, and should **insecure**. This is only intended for local development, and should
**never be used in production**. **never be used in production**.
.. versionchanged:: 1.7
Will now raise an :exc:`~django.http.Http404` exception instead of
:exc:`~from django.core.exceptions.ImproperlyConfigured` when
:setting:`DEBUG` is ``True``.
.. note:: .. note::
To guess the served files' content types, this view relies on the To guess the served files' content types, this view relies on the

8
docs/releases/1.7.txt
View File

@ -122,6 +122,14 @@ Miscellaneous
* Loading empty fixtures emits a ``RuntimeWarning`` rather than raising * Loading empty fixtures emits a ``RuntimeWarning`` rather than raising
:class:`~django.core.management.CommandError`. :class:`~django.core.management.CommandError`.
* :view:`~django.contrib.staticfiles.views.serve` will now raise an
:exc:`~django.http.Http404` exception instead of
:exc:`~from django.core.exceptions.ImproperlyConfigured` when :setting:`DEBUG`
is ``True``. This change removes the need to conditionally add the view to
your root URLconf, which in turn makes it safe to reverse by name. It also
removes the ability for visitors to generate spurious HTTP 500 errors by
requesting static files that don't exist or haven't been collected yet.
Features deprecated in 1.7 Features deprecated in 1.7
========================== ==========================

3
tests/staticfiles_tests/tests.py
View File

@ -650,8 +650,7 @@ class TestServeDisabled(TestServeStatic):
settings.DEBUG = False settings.DEBUG = False
def test_disabled_serving(self): def test_disabled_serving(self):
six.assertRaisesRegex(self, ImproperlyConfigured, 'The staticfiles view ' self.assertFileNotFound('test.txt')
'can only be used in debug mode ', self._response, 'test.txt')
class TestServeStaticWithDefaultURL(TestServeStatic, TestDefaults): class TestServeStaticWithDefaultURL(TestServeStatic, TestDefaults):