Fixed #15025 - template debug fails if there's a callable local var that generates an exception

Thanks to Tai Lee for the patch and report, also to Don Spaulding. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15187 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #15025 - template debug fails if there's a callable local var that generates an exception
Thanks to Tai Lee for the patch and report, also to Don Spaulding. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15187 bcc190cf-cafb-0310-a4f2-bffc1f526a37
80f48260 · Luke Plant · e1ede214 · 80f48260 · 80f48260
Kaydet (Commit) 80f48260 authored Ock 13, 2011 tarafından Luke Plant
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 2 deletions

debug.py django/views/debug.py +5 -2

views.py tests/regressiontests/views/views.py +5 -0

No files found.
--- a/django/views/debug.py
+++ b/django/views/debug.py
@@ -8,11 +8,11 @@ from django.conf import settings
 from django.http import HttpResponse, HttpResponseServerError, HttpResponseNotFound
 from django.template import (Template, Context, TemplateDoesNotExist,
    TemplateSyntaxError)
+from django.template.defaultfilters import force_escape, pprint
 from django.utils.html import escape
 from django.utils.importlib import import_module
 from django.utils.encoding import smart_unicode, smart_str
 HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD|PROFANITIES_LIST|SIGNATURE')
 def linebreak_iter(template_source):
@@ -109,6 +109,9 @@ class ExceptionReporter:
            self.get_template_exception_info()
        frames = self.get_traceback_frames()
+        for i, frame in enumerate(frames):
+            frame['vars'] = [(k, force_escape(pprint(v))) for k, v in frame['vars']]
+            frames[i] = frame
        unicode_hint = ''
        if issubclass(self.exc_type, UnicodeError):
@@ -547,7 +550,7 @@ TECHNICAL_500_TEMPLATE = """
                {% for var in frame.vars|dictsort:"0" %}
                  <tr>
                    <td>{{ var.0|force_escape }}</td>
-                    <td class="code"><pre>{{ var.1|pprint|force_escape }}</pre></td>
+                    <td class="code"><pre>{{ var.1 }}</pre></td>
                  </tr>
                {% endfor %}
              </tbody>

--- a/tests/regressiontests/views/views.py
+++ b/tests/regressiontests/views/views.py
@@ -36,6 +36,11 @@ def custom_create(request):
        form_class=SlugChangingArticleForm)
 def raises(request):
+    # Make sure that a callable that raises an exception in the stack frame's
+    # local vars won't hijack the technical 500 response. See:
+    # http://code.djangoproject.com/ticket/15025
+    def callable():
+        raise Exception
    try:
        raise Exception
    except Exception: