diff options
| author | Adrian Holovaty <adrian@holovaty.com> | 2006-09-05 00:26:14 +0000 |
|---|---|---|
| committer | Adrian Holovaty <adrian@holovaty.com> | 2006-09-05 00:26:14 +0000 |
| commit | 6417d6c7c3e439253b0188a61e5bcd0dd5063bc4 (patch) | |
| tree | 13b6aaaabfb58ad056489ef70d730d349fc1cc4a /django/views/debug.py | |
| parent | 7bd946258e36718a78fed2e5fd8dca35b4dfc9ad (diff) | |
Added some escaping of request.path to django/views/debug.py. Thanks, Simon Greenhill
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3722 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/views/debug.py')
| -rw-r--r-- | django/views/debug.py | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/django/views/debug.py b/django/views/debug.py index 957d9dfd93..6178bdb83b 100644 --- a/django/views/debug.py +++ b/django/views/debug.py @@ -189,7 +189,7 @@ TECHNICAL_500_TEMPLATE = """ <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="NONE,NOARCHIVE" /> - <title>{{ exception_type }} at {{ request.path }}</title> + <title>{{ exception_type }} at {{ request.path|escape }}</title> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } @@ -292,7 +292,7 @@ TECHNICAL_500_TEMPLATE = """ <body> <div id="summary"> - <h1>{{ exception_type }} at {{ request.path }}</h1> + <h1>{{ exception_type }} at {{ request.path|escape }}</h1> <h2>{{ exception_value|escape }}</h2> <table class="meta"> <tr> @@ -301,7 +301,7 @@ TECHNICAL_500_TEMPLATE = """ </tr> <tr> <th>Request URL:</th> - <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path }}</td> + <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path|escape }}</td> </tr> <tr> <th>Exception Type:</th> @@ -309,7 +309,7 @@ TECHNICAL_500_TEMPLATE = """ </tr> <tr> <th>Exception Value:</th> - <td>{{ exception_value }}</td> + <td>{{ exception_value|escape }}</td> </tr> <tr> <th>Exception Location:</th> @@ -412,7 +412,7 @@ Traceback (most recent call last):<br/> {{ frame.lineno }}. {{ frame.context_line|escape }}<br/> {% endif %} {% endfor %}<br/> - {{ exception_type }} at {{ request.path }}<br/> + {{ exception_type }} at {{ request.path|escape }}<br/> {{ exception_value|escape }}</code> </td> </tr> @@ -546,7 +546,7 @@ TECHNICAL_404_TEMPLATE = """ <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> - <title>Page not found at {{ request.path }}</title> + <title>Page not found at {{ request.path|escape }}</title> <meta name="robots" content="NONE,NOARCHIVE" /> <style type="text/css"> html * { padding:0; margin:0; } @@ -576,7 +576,7 @@ TECHNICAL_404_TEMPLATE = """ </tr> <tr> <th>Request URL:</th> - <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path }}</td> + <td>{{ request_protocol }}://{{ request.META.HTTP_HOST }}{{ request.path|escape }}</td> </tr> </table> </div> @@ -591,7 +591,7 @@ TECHNICAL_404_TEMPLATE = """ <li>{{ pattern|escape }}</li> {% endfor %} </ol> - <p>The current URL, <code>{{ request.path }}</code>, didn't match any of these.</p> + <p>The current URL, <code>{{ request.path|escape }}</code>, didn't match any of these.</p> {% else %} <p>{{ reason|escape }}</p> {% endif %} |