Django

Code

Changeset 3722

Show
Ignore:
Timestamp:
09/04/06 19:26:14 (2 years ago)
Author:
adrian
Message:

Added some escaping of request.path to django/views/debug.py. Thanks, Simon Greenhill

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • django/trunk/django/views/debug.py

    r3718 r3722  
    190190  <meta http-equiv="content-type" content="text/html; charset=utf-8" /> 
    191191  <meta name="robots" content="NONE,NOARCHIVE" /> 
    192   <title>{{ exception_type }} at {{ request.path }}</title> 
     192  <title>{{ exception_type }} at {{ request.path|escape }}</title> 
    193193  <style type="text/css"> 
    194194    html * { padding:0; margin:0; } 
     
    293293 
    294294<div id="summary"> 
    295   <h1>{{ exception_type }} at {{ request.path }}</h1> 
     295  <h1>{{ exception_type }} at {{ request.path|escape }}</h1> 
    296296  <h2>{{ exception_value|escape }}</h2> 
    297297  <table class="meta"> 
     
    302302    <tr> 
    303303      <th>Request URL:</th> 
    304       <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path }}</td> 
     304      <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path|escape }}</td> 
    305305    </tr> 
    306306    <tr> 
     
    310310    <tr> 
    311311      <th>Exception Value:</th> 
    312       <td>{{ exception_value }}</td> 
     312      <td>{{ exception_value|escape }}</td> 
    313313    </tr> 
    314314    <tr> 
     
    413413  {% endif %} 
    414414{% endfor %}<br/> 
    415 &nbsp;&nbsp;{{ exception_type }} at {{ request.path }}<br/> 
     415&nbsp;&nbsp;{{ exception_type }} at {{ request.path|escape }}<br/> 
    416416&nbsp;&nbsp;{{ exception_value|escape }}</code> 
    417417          </td> 
     
    547547<head> 
    548548  <meta http-equiv="content-type" content="text/html; charset=utf-8" /> 
    549   <title>Page not found at {{ request.path }}</title> 
     549  <title>Page not found at {{ request.path|escape }}</title> 
    550550  <meta name="robots" content="NONE,NOARCHIVE" /> 
    551551  <style type="text/css"> 
     
    577577      <tr> 
    578578        <th>Request URL:</th> 
    579       <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path }}</td> 
     579      <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path|escape }}</td> 
    580580      </tr> 
    581581    </table> 
     
    592592        {% endfor %} 
    593593      </ol> 
    594       <p>The current URL, <code>{{ request.path }}</code>, didn't match any of these.</p> 
     594      <p>The current URL, <code>{{ request.path|escape }}</code>, didn't match any of these.</p> 
    595595    {% else %} 
    596596      <p>{{ reason|escape }}</p>