o 3aW@sZddlZddlZddlZddlZddlZddlmZddlmZddl m Z m Z m Z ddl mZmZmZddlmZddlmZddlmZdd lmZdd lmZdd lmZdd lmZdd lm Z edddidZ!ee"j#Z$Gddde%Z&GdddZ'd'ddZ(e)ddZ*ddZ+ddZ,Gdd d Z-Gd!d"d"Z.d#d$Z/d%d&Z0dS)(N)Path)settings)Http404 HttpResponseHttpResponseNotFound)ContextEngineTemplateDoesNotExist)pprint)resolve)timezone)MultiValueDict) force_str) import_string)_lazy_re_compile)get_docs_versionTi18nzdjango.templatetags.i18n)debug librariesc@s eZdZdS)ExceptionCycleWarningN)__name__ __module__ __qualname__rr4/usr/lib/python3/dist-packages/django/views/debug.pyr src@s eZdZdZddZddZdS)CallableSettingWrapperz Object to wrap callable appearing in settings. * Not to call in the debug page (#21345). * Not to break the debug page if the callable forbidding to set attributes (#23070). cCs ||_dSN)_wrapped)selfcallable_settingrrr__init__+ zCallableSettingWrapper.__init__cCs t|jSr)reprrrrrr__repr__.r!zCallableSettingWrapper.__repr__N)rrr__doc__r r$rrrrr$s rcCsHt|||||}|dr|}t||ddS|}t||ddS)z Create a technical server error response. The last three arguments are the values returned from sys.exc_info() and friends. text/html)status content_typeztext/plain; charset=utf-8)get_exception_reporter_classacceptsget_traceback_htmlrget_traceback_text)requestexc_type exc_valuetb status_codereporterhtmltextrrrtechnical_500_response2s  r6cCs ttjSr)rr!DEFAULT_EXCEPTION_REPORTER_FILTERrrrr%get_default_exception_reporter_filter@s r8cCst}t|d|S)Nexception_reporter_filter)r8getattr)r.default_filterrrrget_exception_reporter_filterFs r<cCsttj}t|d|S)Nexception_reporter_class)rrDEFAULT_EXCEPTION_REPORTERr:)r. default_exception_reporter_classrrrr*Ks  r*c@sbeZdZdZdZedejdZddZ ddZ d d Z d d Z d dZ ddZddZddZdS)SafeExceptionReporterFilterz Use annotations made by the sensitive_post_parameters and sensitive_variables decorators to filter out sensitive information. z********************z#API|TOKEN|KEY|SECRET|PASS|SIGNATURE)flagscszj|}Wn tyd}Ynw|rj}n3t|tr+fdd|D}n"t|tr:fdd|D}nt|trKtfdd|D}n|}t |rUt |}|S)z Cleanse an individual setting key/value of sensitive content. If the value is a dictionary, recursively cleanse the keys in that dictionary. Fci|] \}}|||qSrcleanse_setting.0kvr#rr ez?SafeExceptionReporterFilter.cleanse_setting..cg|]}d|qSrCrFrHr#rr gz?SafeExceptionReporterFilter.cleanse_setting..crKrLrCrNr#rrrOirP) hidden_settingssearch TypeErrorcleansed_substitute isinstancedictitemslisttuplecallabler)rkeyvalue is_sensitivecleansedrr#rrDXs"    z+SafeExceptionReporterFilter.cleanse_settingcCs4i}ttD]}|r||tt|||<q|S)z Return a dictionary of the settings module with values of sensitive settings replaced with stars (*********). )dirrisupperrDr:)r settings_dictrGrrrget_safe_settingsrs  z-SafeExceptionReporterFilter.get_safe_settingscs&t|dsiSfdd|jDS)zU Return a dictionary of request.META with sensitive values redacted. METAcrBrrCrEr#rrrIrJzESafeExceptionReporterFilter.get_safe_request_meta..)hasattrrcrWrr.rr#rget_safe_request_meta}s z1SafeExceptionReporterFilter.get_safe_request_metacCs tjduS)a This filter is to add safety in production environments (i.e. DEBUG is False). If DEBUG is True then your site is not safe anyway. This hook is provided as a convenience to easily activate or deactivate the filter on a per request basis. F)rDEBUGrerrr is_actives z%SafeExceptionReporterFilter.is_activecCsBt|dg}||r|r|}|D] }||vr|j||<q|S)z Replace the keys in a MultiValueDict marked as sensitive with stars. This mitigates leaking sensitive POST parameters if something like request.POST['nonexistent_key'] throws an exception (#21098). sensitive_post_parameters)r:rhcopyrT)rr.multivaluedictriparamrrrget_cleansed_multivaluedicts  z7SafeExceptionReporterFilter.get_cleansed_multivaluedictcCsv|duriSt|dg}||r8|r8|j}|dkr(|D]}|j||<q|S|D] }||vr5|j||<q*|S|jS)zk Replace the values of POST parameters marked as sensitive with stars (*********). Nri__ALL__)r:rhPOSTrjrT)rr.rir^rGrlrrrget_post_parameterss    z/SafeExceptionReporterFilter.get_post_parametersc CsTzt|t}Wnty}z d||WYd}~Sd}~ww|r(|||}|S)Nz{!r} while evaluating {!r})rUr Exceptionformatrm)rr.r\is_multivalue_dicterrrcleanse_special_typess z1SafeExceptionReporterFilter.cleanse_special_typesc Cs|j}d}|dur'|jjdkr d|jvr |jd}t|dd}n|j}|dus i}||r]|r]|dkr@|jD]}|j||<q7n/|jD]\}}||vrQ|j}n|||}|||<qEn|jD] \}}|||||<qb|jjdkrd|jvr|j|d<|j|d<|S)ze Replace the values of variables marked as sensitive with stars (*********). Nsensitive_variables_wrappersensitive_variablesrn func_args func_kwargs) f_backf_codeco_namef_localsr:rhrTrWru) rr.tb_frame current_framerwwrapperr^namer\rrrget_traceback_frame_variabless:              z9SafeExceptionReporterFilter.get_traceback_frame_variablesN)rrrr%rTrreIrQrDrbrfrhrmrprurrrrrr@Ps   r@c@steZdZdZeddZeddZdddZd d Zd d Z d dZ ddZ dddZ ddZ ddZddZdS)ExceptionReporterz0Organize and coordinate reporting on exceptions.cC tddS)N templatesztechnical_500.html CURRENT_DIRr#rrrhtml_template_path z$ExceptionReporter.html_template_pathcCr)Nrztechnical_500.txtrr#rrrtext_template_pathrz$ExceptionReporter.text_template_pathFcCsJ||_t|j|_||_||_||_||_t|jdd|_d|_ d|_ dS)Ntemplate_debugF) r.r<filterr/r0r1is_emailr: template_infotemplate_does_not_exist postmortem)rr.r/r0r1rrrrr s  zExceptionReporter.__init__cCs|jrt|jtrd|_|jjp|jg|_|}t|D]8\}}d|vrQg}|dD]!\}}t |}t |dkrEd|ddt |f}| ||fq+||d<|||<qd}|jrt|jt rt |jdd}t |jd d} |dur| dur|jjd } t| t|d dt| d t | d d d}ddlm} |jdurd} nzt|jj} Wn tyd} Ynwid|jd|d|d|jd|j|jd| dt|j|jd|jdtj ddtj!dddt"#d| dtj$d |j%d!|jd"|j} |jdur(|jj&| d#<|jj'| d$<|jj(| d%<|jr2|jj)| d&<|jr=t|j| d'<|rF|d(| d)<| S)*z5Return a dictionary containing traceback information.Tvarsiu%s… rrMstartNendasciireplace)errors) get_versionz%[unable to retrieve the current user]r unicode_hintframesr. request_metauser_strfiltered_POST_itemsrsys_executablesys_version_infoz%d.%d.%d server_timedjango_version_infosys_pathrrrrequest_GET_itemsrequest_FILES_itemsrequest_COOKIES_itemsexception_typeexception_value lastframe)*r/ issubclassr rr0chainrget_traceback_frames enumerater lenappend UnicodeErrorr:argsrmaxmindjangorr.struserrqrrrfrXrprWrbsys executable version_infor nowpathrGETFILESCOOKIESr)rriframe frame_varsrGrHrrr unicode_strrrcrrrget_traceback_data s   "            z$ExceptionReporter.get_traceback_datacCsV|jjdd}t|}Wdn1swYt|dd}||S)z1Return HTML version of debug 500 HTTP error page.utf-8encodingNF)use_l10n)ropen DEBUG_ENGINE from_stringreadrrrenderrfhtrrrrr,Us  z$ExceptionReporter.get_traceback_htmlcCsX|jjdd}t|}Wdn1swYt|ddd}||S)z7Return plain text version of debug 500 HTTP error page.rrNF) autoescaper)rrrrrrrrrrrrr-\s  z$ExceptionReporter.get_traceback_textcCsd}t|dr z||}Wn tyYnw|dur |}|durOz t|d}|}WdW|S1s=wYW|StyNY|Sw|S)N get_sourcerb)rdr ImportError splitlinesrrOSError)rfilenameloader module_namesourcefprrr _get_sourcecs,     zExceptionReporter._get_sourceNcs||||}|durdgdgfSt|dtr=d|ddD]}td|}|r3|ddnq fdd|D}td||} ||} z|| |} ||} ||d| } WntykdgdgfYSw| | | | fS) z Return context_lines before and after lineno from file. Return (pre_context_lineno, pre_context, context_line, post_context). Nrrscoding[:=]\s*([-\w.]+)rcsg|]}t|dqS)r)r)rFslinerrrrOrPz:ExceptionReporter._get_lines_from_file..)rrUbytesrrRdecoder IndexError)rrlineno context_linesrrrlinematch lower_bound upper_bound pre_context context_line post_contextrrr_get_lines_from_filets,     z&ExceptionReporter._get_lines_from_filecCs4t|dd}t|dd}t|dd}|p|rdS|S)N __cause____suppress_context__ __context__)r:)rr0explicitsuppress_contextimplicitrrr_get_explicit_or_implicit_causes   z1ExceptionReporter._get_explicit_or_implicit_causecCsg}|j}|r ||||}||vrtd|tn|sg}|s&|S|}|s/|jn|j} | | ||z|}Wn t yLY|Sw|j}q3)NzHCycle in the exception chain detected: exception '%s' encountered again.) r0rrwarningswarnrpopr1 __traceback__extendget_exception_traceback_framesr)r exceptionsr0rr1rrrrs:     z&ExceptionReporter.get_traceback_framesccs||}t|dd}|dur||dddV|dur|jjdr'|j}q|jjj}|jjj}|j d}|jj d}|jj dpEd } | ||d || \} } } } | dur_|} g} d } g} |||| d rid nd|||d|j |j|jt|| | | | dd V|j}|dusdSdS)NrTr) exc_causeexc_cause_explicitr1type__traceback_hide__r __loader__rrMzzdjango.r) rrr1rrfunctionrridrrrpre_context_lineno)rr:r~r}gettb_nextr{ co_filenamer| tb_lineno f_globalsr startswithrrr.r)rr0r1rrrrrrrrrrrrrrrsT       z0ExceptionReporter.get_exception_traceback_frames)F)NN)rrrr%propertyrrr rr,r-rrrrrrrrrrs    H " !rc Csz |jdd}Wntttfy|jdd}Ynwz |jdd}Wntttfy=d}|jr9|jjnd}Yn;wd}|rt|jdkrxt|dkrxt|ddkrxt |ddd d t |ddd d krrd krxt |Snt |St |d t j }t |tjr|j}d }zt|j}Wn tyYn*w|j}t|dr|j}nt|drt|jdr|jj}t|dr|j} d| |f}ttddjdd} t| } Wdn1swYt} t|t j |||t||| |d } t!| "| ddS)zBCreate a technical 404 error response. `exception` is the Http404.rrrNtriedTF/app_namerM namespaceadminurlconfr __class__rz%s.%srztechnical_404.htmlrr) r root_urlconf request_path urlpatternsresolvedreasonr.rraising_view_namer'r))#rrrSKeyError path_inforesolver_matchrrrr:default_urlconfr ROOT_URLCONFrUtypes ModuleTyperr rfuncrdrrrrrrrrr8rrrbrr)r. exception error_urlrrrcallerrobjmodulerrreporter_filterrrrrtechnical_404_responsesj  2      r*cCsbttddjdd}t|}Wdn1swYtdti}t| |ddS) z+Create an empty URLconf 404 error response.rzdefault_urlconf.htmlrrNversionr'r) rrrrrrrrrr)r.rrrrrrr(sr)r&)1 functoolsrrr!rpathlibr django.confr django.httprrrdjango.templaterrr django.template.defaultfiltersr django.urlsr django.utilsr django.utils.datastructuresr django.utils.encodingrdjango.utils.module_loadingrdjango.utils.regex_helperrdjango.utils.versionrr__file__parentr UserWarningrrr6 lru_cacher8r<r*r@rr*rrrrrsF             'w <