id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 28276 debug.py loops over QueryDict['items'] instead of QueryDict.items() victor felder nobody "Posting a dict with a key named `items` to a view that triggers `django/views/debug.py` crashes because of a confusion between `QueryDict.items()` and `QueryDict['items']`. 1. If the POST QueryDict contains an `items` key at the time the Django debug view gets rendered, Django 1.10 crashes because the for-loop supposed to display the POST QueryDict in the Django debug view will not be able to unpack the `items` key into `k, v`. 2. It happens on this line: [https://github.com/django/django/blob/e75c188d1cd4ddae2726fe6db001f9e9d693b032/django/views/debug.py#L1119] (this links to this file in release 1.10.7) 3. `for k, v in filtered_POST.items` is supposed to iterate over QueryDirect `items()` but when rendered in the `TECHNICAL_500_TEXT_TEMPLATE` via `.render()`, it iterates over the content of the QueryDict `items` key instead. ---- What I post from a unit test case: {{{ response = self.client.post( reverse('foobar'), { 'foo': '', 'items': [1] } ) }}} (Note that the view this is posting to will `raise`, triggering the render of Django's `debug.py`.) What I get when I `print c['filtered_POST']` right before this line: [https://github.com/django/django/blob/e75c188d1cd4ddae2726fe6db001f9e9d693b032/django/views/debug.py#L335]: {{{ }}} The errors I get: == Django 1.10.7: {{{ ValueError: Need 2 values to unpack in for loop; got 1. }}} == Django 1.9 same issue with a warning instead of crashing, for obvious reasons: {{{ RemovedInDjango110Warning: Need 2 values to unpack in for loop; got 1. This will raise an exception in Django 1.10. }}} ---- Python version I'm using: {{{ Python 2.7.13 (default, Dec 18 2016, 07:03:39) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.42.1)] on darwin }}} " Bug closed Error reporting 1.10 Normal duplicate Unreviewed 0 0 0 0 0 0