html.py

Revision 15270, 1.2 kB (checked in by exarkun, 4 years ago)

<pre>An error has occurred.</pre> if t.w.html.output() fails - resolves issue 1337

r872 removed the traceback from the <pre></pre>, leaving it
empty, but comes with no explaination and failed to update
the docstring to indicate the change in behavior. Most likely
this was deemed a security fix, to avoid revealing source lines,
filesystem details, and the like. Nothing in Twisted uses this,
and other parts of twisted.web gleefully include complete
traceback text in content delivered to clients, however I will
not re-duplicate that behavior here. Instead, change output()
to log the exception and return a non-descript error message.

Line
1
2	# Copyright (c) 2001-2004 Twisted Matrix Laboratories.
3	# See LICENSE for details.
4
5
6	"""I hold HTML generation helpers.
7	"""
8
9	from twisted.python import log
10	#t.w imports
11	from twisted.web import resource
12
13	import traceback, string
14
15	from cStringIO import StringIO
16	from microdom import escape
17
18	def PRE(text):
19	"Wrap <pre> tags around some text and HTML-escape it."
20	return "<pre>"+escape(text)+"</pre>"
21
22	def UL(lst):
23	io = StringIO()
24	io.write("<ul>\n")
25	for el in lst:
26	io.write("<li> %s</li>\n" % el)
27	io.write("</ul>")
28	return io.getvalue()
29
30	def linkList(lst):
31	io = StringIO()
32	io.write("<ul>\n")
33	for hr, el in lst:
34	io.write('<li> <a href="%s">%s</a></li>\n' % (hr, el))
35	io.write("</ul>")
36	return io.getvalue()
37
38	def output(func, args, *kw):
39	*"""output(func, args, kw) -> html string
40	Either return the result of a function (which presumably returns an
41	HTML-legal string) or a sparse HTMLized error message and a message
42	in the server log.
43	"""
44	try:
45	return func(args, *kw)
46	except:
47	log.msg("Error calling %r:" % (func,))
48	log.err()
49	return PRE("An error occurred.")

Note: See TracBrowser for help on using the browser.

root / trunk / twisted / web / html.py

Download in other formats: