Opened 4 years ago

Closed 4 years ago

#32087 closed Cleanup/optimization (fixed)

Sharing traceback in technical 500 debug page should use HTTPS.

Reported by: andershup Owned by: Nikunj Heda
Component: Error reporting Version: 3.1
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

Hi there. I am fairly new to this but already loving using django and learning so much from your brilliant documentation.
I have had a problem on two occasions where I got the error code attached below and simply could not progress beyond it.
I has caused me a real nightmare.
I emailed dpaste.com and got the following response:
Hello! It appears you have encountered an error on a website running Django, and have ended up at dpaste.com after pressing the “Share this traceback on a public website” button.

The error you are seeking help with is happening on the site where you saw the yellow error page. Please contact them directly.

So that is what I am doing here.
I also found this:
https://code.djangoproject.com/ticket/19000#no2

Anders Olesen

Attachments (1)

image.png (22.9 KB ) - added by andershup 4 years ago.

Download all attachments as: .zip

Change History (12)

by andershup, 4 years ago

Attachment: image.png added

comment:1 by Mariusz Felisiak, 4 years ago

Easy pickings: set
Summary: Error code when I try to stage my gitpod code.Sharing traceback in technical 500 debug page should use HTTPS.
Triage Stage: UnreviewedAccepted
Type: BugCleanup/optimization

Thanks, using https should fix this issue:

diff --git a/django/views/templates/technical_500.html b/django/views/templates/technical_500.html
index 57d07eb933..f0cadf03bd 100644
--- a/django/views/templates/technical_500.html
+++ b/django/views/templates/technical_500.html
@@ -278,7 +278,7 @@
       {% endfor %}
     </ul>
   </div>
-  <form action="http://dpaste.com/" name="pasteform" id="pasteform" method="post">
+  <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post">
 {% if not is_email %}
   <div id="pastebinTraceback" class="pastebin">
     <input type="hidden" name="language" value="PythonConsole">

Would you like to prepare a patch?

in reply to:  1 ; comment:2 by Nikunj Heda, 4 years ago

Replying to felixxm:

Thanks, using https should fix this issue:

diff --git a/django/views/templates/technical_500.html b/django/views/templates/technical_500.html
index 57d07eb933..f0cadf03bd 100644
--- a/django/views/templates/technical_500.html
+++ b/django/views/templates/technical_500.html
@@ -278,7 +278,7 @@
       {% endfor %}
     </ul>
   </div>
-  <form action="http://dpaste.com/" name="pasteform" id="pasteform" method="post">
+  <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post">
 {% if not is_email %}
   <div id="pastebinTraceback" class="pastebin">
     <input type="hidden" name="language" value="PythonConsole">

Would you like to prepare a patch?

I am a first time contributor, this ticket has easy pickings tag on it, Can I work on this?? And would need some help.

Version 0, edited 4 years ago by Nikunj Heda (next)

in reply to:  2 ; comment:3 by Mariusz Felisiak, 4 years ago

Replying to Nikunj Heda:

Hello,I am a first time contributor, this ticket has easy pickings tag on it, Can I work on this?? And would need some help.

Sure, there is no need to ask.

in reply to:  3 comment:4 by Nikunj Heda, 4 years ago

Replying to felixxm:

Replying to Nikunj Heda:

Hello,I am a first time contributor, this ticket has easy pickings tag on it, Can I work on this?? And would need some help.

Sure, there is no need to ask.

Thanks, I can prepare the patch and then I have to approve. Right??

in reply to:  3 comment:5 by Nikunj Heda, 4 years ago

Replying to felixxm:

Replying to Nikunj Heda:

Hello,I am a first time contributor, this ticket has easy pickings tag on it, Can I work on this?? And would need some help.

Sure, there is no need to ask.

I have made this pull request https://github.com/django/django/pull/13518 , Can you please verify.

Last edited 4 years ago by Nikunj Heda (previous) (diff)

comment:6 by Mariusz Felisiak, 4 years ago

Has patch: set
Needs tests: set
Owner: set to Nikunj Heda
Status: newassigned

in reply to:  6 ; comment:7 by Nikunj Heda, 4 years ago

Replying to felixxm:

    def test_traceback_in_500_debug_page(self):
        "To check that traceback in technical 500 debug page should use https"
        try:
            raise ValueError("Oops")
        except ValueError:
            exc_type, exc_value, tb = sys.exc_info()
        reporter = ExceptionReporter(None, exc_type, exc_value, tb)
        html = reporter.get_traceback_html()
        self.assertIn('<form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post">', html)

Is this good?? If you approve I will push.

in reply to:  7 ; comment:8 by Mariusz Felisiak, 4 years ago

Replying to Nikunj Heda:

Is this good?? If you approve I will push.

Looks good at first glance. Please send updates via PR, you don't need to ask for approval in the ticket. Updates can be discussed in PR.

in reply to:  8 comment:9 by Nikunj Heda, 4 years ago

Replying to felixxm:

Replying to Nikunj Heda:

Is this good?? If you approve I will push.

Looks good at first glance. Please send updates via PR, you don't need to ask for approval in the ticket. Updates can be discussed in PR.

Ok Got it

comment:10 by Mariusz Felisiak, 4 years ago

Needs tests: unset
Triage Stage: AcceptedReady for checkin

comment:11 by Mariusz Felisiak <felisiak.mariusz@…>, 4 years ago

Resolution: fixed
Status: assignedclosed

In 079deba5:

Fixed #32087 -- Made technical 500 debug page use HTTPS for sharing traceback.

Note: See TracTickets for help on using tickets.
Back to Top