#13537 closed (duplicate)
changing password in admin with TEMPLATE_STRING_IF_INVALID is broken.
Reported by: | Owned by: | nobody | |
---|---|---|---|
Component: | contrib.admin | Version: | dev |
Severity: | Keywords: | admin password, TEMPLATE_STRING_IF_INVALID | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | yes |
Easy pickings: | no | UI/UX: | no |
Description
Running django 1.2 rc 1 SVN-13260 in my settings I have
TEMPLATE_STRING_IF_INVALID = '!invalid var!'
When I try to change the User password (change password form)
I got an exception
You called this URL via POST, but the URL doesn't end in a slash and you have APPEND_SLASH set. Django can't redirect to the slash URL while maintaining POST data. Change your form to point to xxx.com:7777/admin/auth/user/2/password/!Invalid Var!/ (note the trailing slash), or set APPEND_SLASH=False in your Django settings.
It seems that the file :
django/contrib/admin/templates/admin/auth/user/change_password.html is causing this error.
A quick fix will be:
Line 19:
<form action="{% if form_url %}{{ form_url }}{% endif %}" method="post" id="{{ opts.module_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %}
Iinstead of:
<form action="{{ form_url }}" method="post" id="{{ opts.module_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %}
Change History (4)
comment:1 by , 14 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
comment:2 by , 14 years ago
Patch needs improvement: | set |
---|---|
Resolution: | wontfix |
Status: | closed → reopened |
The TEMPLATE_STRING_IF_INVALID is not turned by default I am using for debug purposes.
if DEBUG: TEMPLATE_STRING_IF_INVALID = '!Invalid Var!'
I understand that this WILL not fix the ISSUE it is just to locate where the issue is.
So basically you are saying that use the TEMPLATE_STRING_IF_INVALID for template failures (which I am trying to do in debug mode) AND don't use it at the same time?
It means that the django admin will not be able to change password if that setting is used and that's fine for you?
comment:3 by , 14 years ago
Resolution: | → duplicate |
---|---|
Status: | reopened → closed |
Yes, it is known and documented that admin does not work properly if TEMPLATE_STRING_IF_INVALID is non-empty. Removing admin's dependence on this is tracked by #3579. That is the ticket that should be updated to note this case.
The purpose of TEMPLATE_STRING_IF_INVALID is to help identify template failure. It's not something that should be turned on as a default setting. The documentation already warns about the potential problems that may arise, and this is just one of those problems.
The fix you propose would hide the underlying problem - the fact that you're passing in an invalid value for form_url. This isn't something we should be programatically hiding.