Django

Code

Ticket #5974 (closed: fixed)

Opened 1 year ago

Last modified 1 year ago

debug error page does not escape text in local vars section

Reported by: Gary Wilson <gary.wilson@gmail.com> Assigned to: nobody
Milestone: Component: Core framework
Version: SVN Keywords:
Cc: Triage Stage: Accepted
Has patch: 0 Needs documentation: 0
Needs tests: 0 Patch needs improvement: 0

Description

I was triggering this by doing a post with text for a javascript alert box in one of the form fields. If the code or view that processes the request raises an Exception, then the error page will popup several alert boxes, one for each display of the request in the "Local vars" section. This was mentioned in comment:ticket:5880:8 and I hit this bug while debugging that ticket.

Attachments

Change History

11/18/07 12:32:31 changed by Gary Wilson <gary.wilson@gmail.com>

  • needs_better_patch changed.
  • stage changed from Unreviewed to Accepted.
  • needs_tests changed.
  • needs_docs changed.

11/19/07 19:37:16 changed by mtredinnick

  • status changed from new to closed.
  • resolution set to fixed.

(In [6704]) Fixed #5974 -- Added autoescaping for source code lines and local variables in technical debug page.

Add/Change #5974 (debug error page does not escape text in local vars section)




Change Properties
Action