Diffstat (limited to 'tests/view_tests/views.py')
| -rw-r--r-- | tests/view_tests/views.py | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/tests/view_tests/views.py b/tests/view_tests/views.py
index 97695ef493..8cf9ab4dde 100644
--- a/tests/view_tests/views.py
+++ b/tests/view_tests/views.py
@@ -9,7 +9,7 @@ from django.core.exceptions import (
 )
 from django.http import Http404, HttpResponse, JsonResponse
 from django.shortcuts import render
-from django.template import TemplateDoesNotExist
+from django.template import Context, Template, TemplateDoesNotExist
 from django.urls import get_resolver
 from django.views import View
 from django.views.debug import (
@@ -89,6 +89,18 @@ def template_exception(request):
 return render(request, 'debug/template_exception.html')


+def safestring_in_template_exception(request):
+ """
+ Trigger an exception in the template machinery which causes a SafeString
+ to be inserted as args[0] of the Exception.
+ """
+ template = Template('{% extends "<script>alert(1);</script>" %}')
+ try:
+ template.render(Context())
+ except Exception:
+ return technical_500_response(request, *sys.exc_info())
+
+
 def jsi18n(request):
 return render(request, 'jsi18n.html')

|
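Review bot: In `safestring_in_template_exception`, the `except Exception:` is broader than the fixture needs, and if `template.render(Context())` ever stops raising, the view falls through and returns `None`. The regression it guards (a SafeString in `args[0]` reaching the technical 500 page) would then fail with an unrelated error, or pass on the wrong exception. Consider `except TemplateDoesNotExist:` (already imported in this file; presumably that is what the `extends` lookup raises) and a trailing `raise AssertionError('template rendering did not raise')` after the `try`. The docstring could also say why the case matters, e.g. `The debug page must HTML-escape this value even though it is marked safe.` The `sys.exc_info()` call relies on `sys` being imported outside the visible hunks.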
