#15034 closed (duplicate)
Django's pretty error handling fails if there's a callable local var that generates an exception in the stack trace.
| Reported by: | Tai Lee | Owned by: | nobody |
|---|---|---|---|
| Component: | Core (Other) | Version: | dev |
| Severity: | Keywords: | debug template 500 error exception hijacked | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
To reproduce, just add the following to any known working view:
from django.forms import BaseForm raise Exception
Instead of getting Django's pretty error handling, you will get a raw traceback in your browser that has nothing to do with the Exception you raised.
The reason why is that TECHNICAL_500_TEMPLATE contains {{ var.1|pprint|force_escape }} which triggers a call to Variable().resolve() which tries calling var.1 (since it is callable) before passing it into the pprint filter.
If var.1 raises an exception when called, as BaseForm does (by design in this case as it's not meant to be called directly), the pretty error handling is hijacked and you have no idea what caused it.
The fix is to call pprint() and force_escape() on each frame's local vars before passing them to the template as context.
Attachments (1)
Change History (5)
by , 13 years ago
| Attachment: | 15034-technical-500-response-r15153.diff added |
|---|
comment:1 by , 13 years ago
| Has patch: | set |
|---|---|
| Needs documentation: | set |
comment:2 by , 13 years ago
| Needs documentation: | unset |
|---|
Just added a patch with tests. I don't think this needs any documentation.