mirror of
https://github.com/django/django.git
synced 2025-10-24 06:06:09 +00:00
Fixed #23813 -- Added checks for common URL pattern errors
Thanks jwa and lamby for the suggestions, and timgraham and jarshwah for their reviews.
This commit is contained in:
committed by
Josh Smeaton
parent
2f53d342f1
commit
fe3fc5210f
@@ -15,6 +15,8 @@ import django.core.checks.security.base # NOQA isort:skip
|
|||||||
import django.core.checks.security.csrf # NOQA isort:skip
|
import django.core.checks.security.csrf # NOQA isort:skip
|
||||||
import django.core.checks.security.sessions # NOQA isort:skip
|
import django.core.checks.security.sessions # NOQA isort:skip
|
||||||
import django.core.checks.templates # NOQA isort:skip
|
import django.core.checks.templates # NOQA isort:skip
|
||||||
|
import django.core.checks.urls # NOQA isort:skip
|
||||||
|
|
||||||
|
|
||||||
__all__ = [
|
__all__ = [
|
||||||
'CheckMessage',
|
'CheckMessage',
|
||||||
|
@@ -17,6 +17,7 @@ class Tags(object):
|
|||||||
security = 'security'
|
security = 'security'
|
||||||
signals = 'signals'
|
signals = 'signals'
|
||||||
templates = 'templates'
|
templates = 'templates'
|
||||||
|
urls = 'urls'
|
||||||
|
|
||||||
|
|
||||||
class CheckRegistry(object):
|
class CheckRegistry(object):
|
||||||
|
87
django/core/checks/urls.py
Normal file
87
django/core/checks/urls.py
Normal file
@@ -0,0 +1,87 @@
|
|||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from . import Tags, Warning, register
|
||||||
|
|
||||||
|
|
||||||
|
@register(Tags.urls)
|
||||||
|
def check_url_config(app_configs, **kwargs):
|
||||||
|
from django.core.urlresolvers import get_resolver
|
||||||
|
resolver = get_resolver()
|
||||||
|
return check_resolver(resolver)
|
||||||
|
|
||||||
|
|
||||||
|
def check_resolver(resolver):
|
||||||
|
"""
|
||||||
|
Recursively check the resolver
|
||||||
|
"""
|
||||||
|
from django.core.urlresolvers import RegexURLPattern, RegexURLResolver
|
||||||
|
warnings = []
|
||||||
|
for pattern in resolver.url_patterns:
|
||||||
|
if isinstance(pattern, RegexURLResolver):
|
||||||
|
warnings.extend(check_include_trailing_dollar(pattern))
|
||||||
|
# Check resolver recursively
|
||||||
|
warnings.extend(check_resolver(pattern))
|
||||||
|
elif isinstance(pattern, RegexURLPattern):
|
||||||
|
warnings.extend(check_pattern_name(pattern))
|
||||||
|
|
||||||
|
warnings.extend(check_pattern_startswith_slash(pattern))
|
||||||
|
|
||||||
|
return warnings
|
||||||
|
|
||||||
|
|
||||||
|
def describe_pattern(pattern):
|
||||||
|
"""
|
||||||
|
Formats the URL pattern for display in warning messages
|
||||||
|
"""
|
||||||
|
description = "'{}'".format(pattern.regex.pattern)
|
||||||
|
if getattr(pattern, 'name', False):
|
||||||
|
description += " [name='{}']".format(pattern.name)
|
||||||
|
return description
|
||||||
|
|
||||||
|
|
||||||
|
def check_include_trailing_dollar(pattern):
|
||||||
|
"""
|
||||||
|
Checks that include is not used with a regex ending with a dollar.
|
||||||
|
"""
|
||||||
|
regex_pattern = pattern.regex.pattern
|
||||||
|
if regex_pattern.endswith('$') and not regex_pattern.endswith('\$'):
|
||||||
|
warning = Warning(
|
||||||
|
"Your URL pattern {} uses include with a regex ending with a '$'. "
|
||||||
|
"Remove the dollar from the regex to avoid problems including "
|
||||||
|
"URLs.".format(describe_pattern(pattern)),
|
||||||
|
id="urls.W001",
|
||||||
|
)
|
||||||
|
return [warning]
|
||||||
|
else:
|
||||||
|
return []
|
||||||
|
|
||||||
|
|
||||||
|
def check_pattern_startswith_slash(pattern):
|
||||||
|
"""
|
||||||
|
Checks that the pattern does not begin with a forward slash
|
||||||
|
"""
|
||||||
|
regex_pattern = pattern.regex.pattern
|
||||||
|
if regex_pattern.startswith('/') or regex_pattern.startswith('^/'):
|
||||||
|
warning = Warning(
|
||||||
|
"Your URL pattern {} has a regex beginning with a '/'. "
|
||||||
|
"Remove this slash as it is unnecessary.".format(describe_pattern(pattern)),
|
||||||
|
id="urls.W002",
|
||||||
|
)
|
||||||
|
return [warning]
|
||||||
|
else:
|
||||||
|
return []
|
||||||
|
|
||||||
|
|
||||||
|
def check_pattern_name(pattern):
|
||||||
|
"""
|
||||||
|
Checks that the pattern name does not contain a colon
|
||||||
|
"""
|
||||||
|
if pattern.name is not None and ":" in pattern.name:
|
||||||
|
warning = Warning(
|
||||||
|
"Your URL pattern {} has a name including a ':'. Remove the colon, to "
|
||||||
|
"avoid ambiguous namespace references.".format(describe_pattern(pattern)),
|
||||||
|
id="urls.W003",
|
||||||
|
)
|
||||||
|
return [warning]
|
||||||
|
else:
|
||||||
|
return []
|
@@ -146,7 +146,7 @@ def get_callable(lookup_view, can_fail=False):
|
|||||||
|
|
||||||
|
|
||||||
@lru_cache.lru_cache(maxsize=None)
|
@lru_cache.lru_cache(maxsize=None)
|
||||||
def get_resolver(urlconf):
|
def get_resolver(urlconf=None):
|
||||||
if urlconf is None:
|
if urlconf is None:
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
urlconf = settings.ROOT_URLCONF
|
urlconf = settings.ROOT_URLCONF
|
||||||
|
@@ -81,6 +81,7 @@ Django's system checks are organized using the following tags:
|
|||||||
* ``security``: Checks security related configuration.
|
* ``security``: Checks security related configuration.
|
||||||
* ``templates``: Checks template related configuration.
|
* ``templates``: Checks template related configuration.
|
||||||
* ``caches``: Checks cache related configuration.
|
* ``caches``: Checks cache related configuration.
|
||||||
|
* ``urls``: Checks URL configuration.
|
||||||
|
|
||||||
Some checks may be registered with multiple tags.
|
Some checks may be registered with multiple tags.
|
||||||
|
|
||||||
@@ -580,3 +581,18 @@ configured:
|
|||||||
|
|
||||||
* **caches.E001**: You must define a ``'default'`` cache in your
|
* **caches.E001**: You must define a ``'default'`` cache in your
|
||||||
:setting:`CACHES` setting.
|
:setting:`CACHES` setting.
|
||||||
|
|
||||||
|
URLs
|
||||||
|
----
|
||||||
|
|
||||||
|
The following checks are performed on your URL configuration:
|
||||||
|
|
||||||
|
* **urls.W001**: Your URL pattern ``<pattern>`` uses
|
||||||
|
:func:`~django.conf.urls.include` with a ``regex`` ending with a
|
||||||
|
``$``. Remove the dollar from the ``regex`` to avoid problems
|
||||||
|
including URLs.
|
||||||
|
* **urls.W002**: Your URL pattern ``<pattern>`` has a ``regex``
|
||||||
|
beginning with a ``/``. Remove this slash as it is unnecessary.
|
||||||
|
* **urls.W003**: Your URL pattern ``<pattern>`` has a ``name``
|
||||||
|
including a ``:``. Remove the colon, to avoid ambiguous namespace
|
||||||
|
references.
|
||||||
|
@@ -641,6 +641,8 @@ URLs
|
|||||||
of (<list of patterns>, <application namespace>) as the first argument to
|
of (<list of patterns>, <application namespace>) as the first argument to
|
||||||
:func:`~django.conf.urls.include`.
|
:func:`~django.conf.urls.include`.
|
||||||
|
|
||||||
|
* System checks have been added for common URL pattern mistakes.
|
||||||
|
|
||||||
Validators
|
Validators
|
||||||
^^^^^^^^^^
|
^^^^^^^^^^
|
||||||
|
|
||||||
|
37
tests/check_framework/test_urls.py
Normal file
37
tests/check_framework/test_urls.py
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
from django.core.checks.urls import check_url_config
|
||||||
|
from django.test import SimpleTestCase
|
||||||
|
from django.test.utils import override_settings
|
||||||
|
|
||||||
|
|
||||||
|
class CheckUrlsTest(SimpleTestCase):
|
||||||
|
@override_settings(ROOT_URLCONF='check_framework.urls_no_warnings')
|
||||||
|
def test_include_no_warnings(self):
|
||||||
|
result = check_url_config(None)
|
||||||
|
self.assertEqual(result, [])
|
||||||
|
|
||||||
|
@override_settings(ROOT_URLCONF='check_framework.urls_include')
|
||||||
|
def test_include_with_dollar(self):
|
||||||
|
result = check_url_config(None)
|
||||||
|
self.assertEqual(len(result), 1)
|
||||||
|
warning = result[0]
|
||||||
|
self.assertEqual(warning.id, 'urls.W001')
|
||||||
|
expected_msg = "Your URL pattern '^include-with-dollar$' uses include with a regex ending with a '$'."
|
||||||
|
self.assertIn(expected_msg, warning.msg)
|
||||||
|
|
||||||
|
@override_settings(ROOT_URLCONF='check_framework.urls_slash')
|
||||||
|
def test_url_beginning_with_slash(self):
|
||||||
|
result = check_url_config(None)
|
||||||
|
self.assertEqual(len(result), 1)
|
||||||
|
warning = result[0]
|
||||||
|
self.assertEqual(warning.id, 'urls.W002')
|
||||||
|
expected_msg = "Your URL pattern '/starting-with-slash/$' has a regex beginning with a '/'"
|
||||||
|
self.assertIn(expected_msg, warning.msg)
|
||||||
|
|
||||||
|
@override_settings(ROOT_URLCONF='check_framework.urls_name')
|
||||||
|
def test_url_pattern_name_with_colon(self):
|
||||||
|
result = check_url_config(None)
|
||||||
|
self.assertEqual(len(result), 1)
|
||||||
|
warning = result[0]
|
||||||
|
self.assertEqual(warning.id, 'urls.W003')
|
||||||
|
expected_msg = "Your URL pattern '^$' [name='name_with:colon'] has a name including a ':'."
|
||||||
|
self.assertIn(expected_msg, warning.msg)
|
7
tests/check_framework/urls_include.py
Normal file
7
tests/check_framework/urls_include.py
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
from django.conf.urls import include, url
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
url(r'^', include([
|
||||||
|
url(r'^include-with-dollar$', include([])),
|
||||||
|
])),
|
||||||
|
]
|
13
tests/check_framework/urls_name.py
Normal file
13
tests/check_framework/urls_name.py
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
from django.conf.urls import include, url
|
||||||
|
from django.http import HttpResponse
|
||||||
|
|
||||||
|
|
||||||
|
def view(request):
|
||||||
|
return HttpResponse('')
|
||||||
|
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
url('^', include([
|
||||||
|
url(r'^$', view, name='name_with:colon'),
|
||||||
|
])),
|
||||||
|
]
|
15
tests/check_framework/urls_no_warnings.py
Normal file
15
tests/check_framework/urls_no_warnings.py
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
from django.conf.urls import include, url
|
||||||
|
from django.http import HttpResponse
|
||||||
|
|
||||||
|
|
||||||
|
def view(request):
|
||||||
|
return HttpResponse('')
|
||||||
|
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
url(r'^foo/', view, name='foo'),
|
||||||
|
# This dollar is ok as it is escaped
|
||||||
|
url(r'^\$', include([
|
||||||
|
url(r'^bar/$', view, name='bar'),
|
||||||
|
])),
|
||||||
|
]
|
13
tests/check_framework/urls_slash.py
Normal file
13
tests/check_framework/urls_slash.py
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
from django.conf.urls import include, url
|
||||||
|
from django.http import HttpResponse
|
||||||
|
|
||||||
|
|
||||||
|
def view(request):
|
||||||
|
return HttpResponse('')
|
||||||
|
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
url('^', include([
|
||||||
|
url(r'/starting-with-slash/$', view),
|
||||||
|
])),
|
||||||
|
]
|
Reference in New Issue
Block a user