Context Navigation

← Previous Ticket
Next Ticket →

#7697 closed (fixed)

safe strings in debug page shown as html

Reported by:	charmless	Owned by:	Chris Beaven
Component:	Core (Other)	Version:	dev
Severity:		Keywords:
Cc:		Triage Stage:	Ready for checkin
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	no	UI/UX:	no

Description

if a local variable is a safe string, then it will display in the debug output as unescaped, rendered HTML.
Expected: Should render as some sort of useful repr() of the string.

Attachments (2)

7697.diff (2.0 KB ) - added by Chris Beaven 15 years ago.
7697.2.diff (2.7 KB ) - added by Chris Beaven 14 years ago.

Download all attachments as: .zip

Change History (8)

comment:1 by Sung-jin Hong, 16 years ago

Triage Stage:	Unreviewed → Accepted

comment:2 by Chris Beaven, 15 years ago

Owner:	changed from nobody to Chris Beaven
Status:	new → assigned

by Chris Beaven, 15 years ago

Attachment:	7697.diff added

by Chris Beaven, 14 years ago

Attachment:	7697.2.diff added

comment:3 by Chris Beaven, 14 years ago

Has patch:	set
Triage Stage:	Accepted → Ready for checkin

comment:4 by Malcolm Tredinnick, 14 years ago

Resolution:	→ fixed
Status:	assigned → closed

(In [13741]) Display a repr-like result for safe-string local variables on the debug page.

Fixed #7697. Thanks, SmileyChris.

comment:5 by Tim Graham <timograham@…>, 7 years ago

In 293608a2:

Refs #7697 -- Removed unnecessary force_escape of technical 500 debug view "unicode hint".

The test passes before and after the removal. unicode_hint will never
be SafeText, so normal autoescaping is sufficient.

comment:6 by GitHub <noreply@…>, 7 years ago

In d70432de:

Refs #7697 -- Tested escaping of safe strings in the technical 500 debug view.

Tests were omitted in the original commit: a56a226241f5808b2eaf1e4b5a155d35047b8a06.

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues