mirror of https://github.com/django/django.git
Fixed #33567 -- Avoided setting default text/html content type on responses.
This commit is contained in:
parent
3dbf46654c
commit
93803a1b5f
|
@ -157,4 +157,4 @@ def csrf_failure(request, reason="", template_name=CSRF_FAILURE_TEMPLATE_NAME):
|
||||||
else:
|
else:
|
||||||
# Raise if a developer-specified template doesn't exist.
|
# Raise if a developer-specified template doesn't exist.
|
||||||
raise
|
raise
|
||||||
return HttpResponseForbidden(t.render(c), content_type="text/html")
|
return HttpResponseForbidden(t.render(c))
|
||||||
|
|
|
@ -64,7 +64,7 @@ def technical_500_response(request, exc_type, exc_value, tb, status_code=500):
|
||||||
reporter = get_exception_reporter_class(request)(request, exc_type, exc_value, tb)
|
reporter = get_exception_reporter_class(request)(request, exc_type, exc_value, tb)
|
||||||
if request.accepts("text/html"):
|
if request.accepts("text/html"):
|
||||||
html = reporter.get_traceback_html()
|
html = reporter.get_traceback_html()
|
||||||
return HttpResponse(html, status=status_code, content_type="text/html")
|
return HttpResponse(html, status=status_code)
|
||||||
else:
|
else:
|
||||||
text = reporter.get_traceback_text()
|
text = reporter.get_traceback_text()
|
||||||
return HttpResponse(
|
return HttpResponse(
|
||||||
|
@ -597,7 +597,7 @@ def technical_404_response(request, exception):
|
||||||
"raising_view_name": get_caller(request),
|
"raising_view_name": get_caller(request),
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
return HttpResponseNotFound(t.render(c), content_type="text/html")
|
return HttpResponseNotFound(t.render(c))
|
||||||
|
|
||||||
|
|
||||||
def default_urlconf(request):
|
def default_urlconf(request):
|
||||||
|
@ -610,4 +610,4 @@ def default_urlconf(request):
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
return HttpResponse(t.render(c), content_type="text/html")
|
return HttpResponse(t.render(c))
|
||||||
|
|
|
@ -62,7 +62,6 @@ def page_not_found(request, exception, template_name=ERROR_404_TEMPLATE_NAME):
|
||||||
try:
|
try:
|
||||||
template = loader.get_template(template_name)
|
template = loader.get_template(template_name)
|
||||||
body = template.render(context, request)
|
body = template.render(context, request)
|
||||||
content_type = None # Django will use 'text/html'.
|
|
||||||
except TemplateDoesNotExist:
|
except TemplateDoesNotExist:
|
||||||
if template_name != ERROR_404_TEMPLATE_NAME:
|
if template_name != ERROR_404_TEMPLATE_NAME:
|
||||||
# Reraise if it's a missing custom template.
|
# Reraise if it's a missing custom template.
|
||||||
|
@ -77,8 +76,7 @@ def page_not_found(request, exception, template_name=ERROR_404_TEMPLATE_NAME):
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
body = template.render(Context(context))
|
body = template.render(Context(context))
|
||||||
content_type = "text/html"
|
return HttpResponseNotFound(body)
|
||||||
return HttpResponseNotFound(body, content_type=content_type)
|
|
||||||
|
|
||||||
|
|
||||||
@requires_csrf_token
|
@requires_csrf_token
|
||||||
|
@ -97,7 +95,6 @@ def server_error(request, template_name=ERROR_500_TEMPLATE_NAME):
|
||||||
raise
|
raise
|
||||||
return HttpResponseServerError(
|
return HttpResponseServerError(
|
||||||
ERROR_PAGE_TEMPLATE % {"title": "Server Error (500)", "details": ""},
|
ERROR_PAGE_TEMPLATE % {"title": "Server Error (500)", "details": ""},
|
||||||
content_type="text/html",
|
|
||||||
)
|
)
|
||||||
return HttpResponseServerError(template.render())
|
return HttpResponseServerError(template.render())
|
||||||
|
|
||||||
|
@ -118,7 +115,6 @@ def bad_request(request, exception, template_name=ERROR_400_TEMPLATE_NAME):
|
||||||
raise
|
raise
|
||||||
return HttpResponseBadRequest(
|
return HttpResponseBadRequest(
|
||||||
ERROR_PAGE_TEMPLATE % {"title": "Bad Request (400)", "details": ""},
|
ERROR_PAGE_TEMPLATE % {"title": "Bad Request (400)", "details": ""},
|
||||||
content_type="text/html",
|
|
||||||
)
|
)
|
||||||
# No exception content is passed to the template, to not disclose any
|
# No exception content is passed to the template, to not disclose any
|
||||||
# sensitive information.
|
# sensitive information.
|
||||||
|
@ -147,7 +143,6 @@ def permission_denied(request, exception, template_name=ERROR_403_TEMPLATE_NAME)
|
||||||
raise
|
raise
|
||||||
return HttpResponseForbidden(
|
return HttpResponseForbidden(
|
||||||
ERROR_PAGE_TEMPLATE % {"title": "403 Forbidden", "details": ""},
|
ERROR_PAGE_TEMPLATE % {"title": "403 Forbidden", "details": ""},
|
||||||
content_type="text/html",
|
|
||||||
)
|
)
|
||||||
return HttpResponseForbidden(
|
return HttpResponseForbidden(
|
||||||
template.render(request=request, context={"exception": str(exception)})
|
template.render(request=request, context={"exception": str(exception)})
|
||||||
|
|
|
@ -375,6 +375,7 @@ class CsrfViewMiddlewareTestMixin(CsrfFunctionTestMixin):
|
||||||
with self.assertLogs("django.security.csrf", "WARNING") as cm:
|
with self.assertLogs("django.security.csrf", "WARNING") as cm:
|
||||||
resp = mw.process_view(req, post_form_view, (), {})
|
resp = mw.process_view(req, post_form_view, (), {})
|
||||||
self.assertEqual(403, resp.status_code)
|
self.assertEqual(403, resp.status_code)
|
||||||
|
self.assertEqual(resp["Content-Type"], "text/html; charset=utf-8")
|
||||||
self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % expected)
|
self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % expected)
|
||||||
|
|
||||||
def test_csrf_cookie_bad_or_missing_token(self):
|
def test_csrf_cookie_bad_or_missing_token(self):
|
||||||
|
|
|
@ -539,7 +539,6 @@ class HttpResponseSubclassesTests(SimpleTestCase):
|
||||||
response = HttpResponseRedirect(
|
response = HttpResponseRedirect(
|
||||||
"/redirected/",
|
"/redirected/",
|
||||||
content="The resource has temporarily moved",
|
content="The resource has temporarily moved",
|
||||||
content_type="text/html",
|
|
||||||
)
|
)
|
||||||
self.assertContains(
|
self.assertContains(
|
||||||
response, "The resource has temporarily moved", status_code=302
|
response, "The resource has temporarily moved", status_code=302
|
||||||
|
@ -592,7 +591,7 @@ class HttpResponseSubclassesTests(SimpleTestCase):
|
||||||
self.assertEqual(response.status_code, 405)
|
self.assertEqual(response.status_code, 405)
|
||||||
# Standard HttpResponse init args can be used
|
# Standard HttpResponse init args can be used
|
||||||
response = HttpResponseNotAllowed(
|
response = HttpResponseNotAllowed(
|
||||||
["GET"], content="Only the GET method is allowed", content_type="text/html"
|
["GET"], content="Only the GET method is allowed"
|
||||||
)
|
)
|
||||||
self.assertContains(response, "Only the GET method is allowed", status_code=405)
|
self.assertContains(response, "Only the GET method is allowed", status_code=405)
|
||||||
|
|
||||||
|
|
|
@ -101,8 +101,10 @@ class FileResponseTests(SimpleTestCase):
|
||||||
self.assertEqual(response.headers["Content-Type"], "video/webm")
|
self.assertEqual(response.headers["Content-Type"], "video/webm")
|
||||||
|
|
||||||
def test_content_type_buffer_explicit_default(self):
|
def test_content_type_buffer_explicit_default(self):
|
||||||
response = FileResponse(io.BytesIO(b"binary content"), content_type="text/html")
|
response = FileResponse(
|
||||||
self.assertEqual(response.headers["Content-Type"], "text/html")
|
io.BytesIO(b"binary content"), content_type="text/html; charset=utf-8"
|
||||||
|
)
|
||||||
|
self.assertEqual(response.headers["Content-Type"], "text/html; charset=utf-8")
|
||||||
|
|
||||||
def test_content_type_buffer_named(self):
|
def test_content_type_buffer_named(self):
|
||||||
test_tuples = (
|
test_tuples = (
|
||||||
|
|
Loading…
Reference in New Issue