From 06e59d97a3c6e8e600ff11dadf994fae467fc785 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Sch=C3=A4r?= <jscissr@gmail.com>
Date: Tue, 7 Sep 2021 22:50:29 +0200
Subject: [PATCH] Fixed #33096 -- Fixed <form> nesting in technical 500
 template.

This also prevents sending <form> tags in emails.
---
 django/views/templates/technical_500.html |  4 ++--
 tests/logging_tests/tests.py              | 16 ++++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/django/views/templates/technical_500.html b/django/views/templates/technical_500.html
index 7683896c56..5ace2a136f 100644
--- a/django/views/templates/technical_500.html
+++ b/django/views/templates/technical_500.html
@@ -276,8 +276,8 @@
       {% endfor %}
     </ul>
   </div>
-  <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post">
 {% if not is_email %}
+  <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post">
   <div id="pastebinTraceback" class="pastebin">
     <input type="hidden" name="language" value="PythonConsole">
     <input type="hidden" name="title"
@@ -327,8 +327,8 @@ Exception Value: {{ exception_value|force_escape }}
   <input type="submit" value="Share this traceback on a public website">
   </div>
 </form>
-</div>
 {% endif %}
+</div>
 {% endif %}
 
 <div id="requestinfo">
diff --git a/tests/logging_tests/tests.py b/tests/logging_tests/tests.py
index a06cda9efa..666105baff 100644
--- a/tests/logging_tests/tests.py
+++ b/tests/logging_tests/tests.py
@@ -422,6 +422,22 @@ class AdminEmailHandlerTest(SimpleTestCase):
         msg = mail.outbox[0]
         self.assertEqual(msg.body, 'message\n\ncustom traceback text')
 
+    @override_settings(ADMINS=[('admin', 'admin@example.com')])
+    def test_emit_no_form_tag(self):
+        """HTML email doesn't contain forms."""
+        handler = AdminEmailHandler(include_html=True)
+        record = self.logger.makeRecord(
+            'name', logging.ERROR, 'function', 'lno', 'message', None, None,
+        )
+        handler.emit(record)
+        self.assertEqual(len(mail.outbox), 1)
+        msg = mail.outbox[0]
+        self.assertEqual(msg.subject, '[Django] ERROR: message')
+        self.assertEqual(len(msg.alternatives), 1)
+        body_html = str(msg.alternatives[0][0])
+        self.assertIn('<div id="traceback">', body_html)
+        self.assertNotIn('<form', body_html)
+
 
 class SettingsConfigTest(AdminScriptTestCase):
     """