We have an internal page where we display stack traces on a web page.
We've been using the `format_html` before rendering the data to the
template, which has worked well in the past.
However, one of the stack traces contained a dictionary definition as
such:
{{{#!python
data = urllib.parse.urlencode({'request': self.get_serialized_data()})
}}}
Once that string reached the format_html function, it would cause the
following Exception:
{{{#!python
KeyError: "'request'"
}}}
due to the call to `format()` recognizing the dictionary as a replacement
field.
--
Ticket URL: <https://code.djangoproject.com/ticket/29179>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* type: Uncategorized => Bug
--
Ticket URL: <https://code.djangoproject.com/ticket/29179#comment:1>
* component: Uncategorized => Utilities
Comment:
Could you give a minimal example that reproduces the issue (i.e. give the
minimal string from the traceback and the arguments for `format_html()`)?
--
Ticket URL: <https://code.djangoproject.com/ticket/29179#comment:2>
Comment (by Stephan Michaud):
Replying to [comment:2 Tim Graham]:
> Could you give a minimal example that reproduces the issue (i.e. give
the minimal string from the traceback and the arguments for
`format_html()`)?
Sure! Here's the string passed in to `format_html()`:
{{{#!python
<div class="ui-state-default ui-corner-all show_node"
style="cursor:pointer;padding:4px;min-width:50px">show</div><div
class="hidden_menu">Traceback (most recent call last):
File "/home/tool/www/project/common/utils.py", line 52, in inner
ret = func(*args, **kwargs)
File
"/home/tool/www/project/servers/management/commands/servers_getindexation.py",
line 31, in handle
server.fetch_content()
File "/home/tool/www/project/common/abstract_models.py", line 289, in
fetch_content
get=params[1],
File "/home/tool/www/project/proxies/models.py", line 99, in
append_process
process.get_proxy_response()
File "/home/tool/www/project/proxies/models.py", line 254, in
get_proxy_response
data = urllib.parse.urlencode({'request': self.get_serialized_data()})
File "/home/tool/www/project/proxies/models.py", line 216, in
get_serialized_data
'useragent': self.request_useragent,
File "/home/tool/venv/lib/python3.5/base64.py", line 59, in b64encode
encoded = binascii.b2a_base64(s)[:-1]
TypeError: a bytes-like object is required, not 'str'
</div>
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/29179#comment:3>
Comment (by Tim Graham):
Oh, I see. Well, I'm not sure there's much Django can do about that. Did
you consider escaping the traceback before passing it to `format_html()`?
--
Ticket URL: <https://code.djangoproject.com/ticket/29179#comment:4>
* status: new => closed
* resolution: => wontfix
--
Ticket URL: <https://code.djangoproject.com/ticket/29179#comment:5>