mirror of
				https://github.com/django/django.git
				synced 2025-10-24 22:26:08 +00:00 
			
		
		
		
	Fixed #33096 -- Fixed <form> nesting in technical 500 template.
This also prevents sending <form> tags in emails.
This commit is contained in:
		
				
					committed by
					
						 Mariusz Felisiak
						Mariusz Felisiak
					
				
			
			
				
	
			
			
			
						parent
						
							0a28b42b15
						
					
				
				
					commit
					06e59d97a3
				
			| @@ -276,8 +276,8 @@ | ||||
|       {% endfor %} | ||||
|     </ul> | ||||
|   </div> | ||||
|   <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post"> | ||||
| {% if not is_email %} | ||||
|   <form action="https://dpaste.com/" name="pasteform" id="pasteform" method="post"> | ||||
|   <div id="pastebinTraceback" class="pastebin"> | ||||
|     <input type="hidden" name="language" value="PythonConsole"> | ||||
|     <input type="hidden" name="title" | ||||
| @@ -327,8 +327,8 @@ Exception Value: {{ exception_value|force_escape }} | ||||
|   <input type="submit" value="Share this traceback on a public website"> | ||||
|   </div> | ||||
| </form> | ||||
| </div> | ||||
| {% endif %} | ||||
| </div> | ||||
| {% endif %} | ||||
|  | ||||
| <div id="requestinfo"> | ||||
|   | ||||
| @@ -422,6 +422,22 @@ class AdminEmailHandlerTest(SimpleTestCase): | ||||
|         msg = mail.outbox[0] | ||||
|         self.assertEqual(msg.body, 'message\n\ncustom traceback text') | ||||
|  | ||||
|     @override_settings(ADMINS=[('admin', 'admin@example.com')]) | ||||
|     def test_emit_no_form_tag(self): | ||||
|         """HTML email doesn't contain forms.""" | ||||
|         handler = AdminEmailHandler(include_html=True) | ||||
|         record = self.logger.makeRecord( | ||||
|             'name', logging.ERROR, 'function', 'lno', 'message', None, None, | ||||
|         ) | ||||
|         handler.emit(record) | ||||
|         self.assertEqual(len(mail.outbox), 1) | ||||
|         msg = mail.outbox[0] | ||||
|         self.assertEqual(msg.subject, '[Django] ERROR: message') | ||||
|         self.assertEqual(len(msg.alternatives), 1) | ||||
|         body_html = str(msg.alternatives[0][0]) | ||||
|         self.assertIn('<div id="traceback">', body_html) | ||||
|         self.assertNotIn('<form', body_html) | ||||
|  | ||||
|  | ||||
| class SettingsConfigTest(AdminScriptTestCase): | ||||
|     """ | ||||
|   | ||||
		Reference in New Issue
	
	Block a user