|
Revision 15270, 1.2 KB
(checked in by exarkun, 5 years ago)
|
|
<pre>An error has occurred.</pre> if t.w.html.output() fails - resolves issue 1337
r872 removed the traceback from the <pre></pre>, leaving it
empty, but comes with no explaination and failed to update
the docstring to indicate the change in behavior. Most likely
this was deemed a security fix, to avoid revealing source lines,
filesystem details, and the like. Nothing in Twisted uses this,
and other parts of twisted.web gleefully include complete
traceback text in content delivered to clients, however I will
not re-duplicate that behavior here. Instead, change output()
to log the exception and return a non-descript error message.
|
| Line | |
|---|
| 1 | |
|---|
| 2 | |
|---|
| 3 | |
|---|
| 4 | |
|---|
| 5 | |
|---|
| 6 | """I hold HTML generation helpers. |
|---|
| 7 | """ |
|---|
| 8 | |
|---|
| 9 | from twisted.python import log |
|---|
| 10 | |
|---|
| 11 | from twisted.web import resource |
|---|
| 12 | |
|---|
| 13 | import traceback, string |
|---|
| 14 | |
|---|
| 15 | from cStringIO import StringIO |
|---|
| 16 | from microdom import escape |
|---|
| 17 | |
|---|
| 18 | def PRE(text): |
|---|
| 19 | "Wrap <pre> tags around some text and HTML-escape it." |
|---|
| 20 | return "<pre>"+escape(text)+"</pre>" |
|---|
| 21 | |
|---|
| 22 | def UL(lst): |
|---|
| 23 | io = StringIO() |
|---|
| 24 | io.write("<ul>\n") |
|---|
| 25 | for el in lst: |
|---|
| 26 | io.write("<li> %s</li>\n" % el) |
|---|
| 27 | io.write("</ul>") |
|---|
| 28 | return io.getvalue() |
|---|
| 29 | |
|---|
| 30 | def linkList(lst): |
|---|
| 31 | io = StringIO() |
|---|
| 32 | io.write("<ul>\n") |
|---|
| 33 | for hr, el in lst: |
|---|
| 34 | io.write('<li> <a href="%s">%s</a></li>\n' % (hr, el)) |
|---|
| 35 | io.write("</ul>") |
|---|
| 36 | return io.getvalue() |
|---|
| 37 | |
|---|
| 38 | def output(func, *args, **kw): |
|---|
| 39 | """output(func, *args, **kw) -> html string |
|---|
| 40 | Either return the result of a function (which presumably returns an |
|---|
| 41 | HTML-legal string) or a sparse HTMLized error message and a message |
|---|
| 42 | in the server log. |
|---|
| 43 | """ |
|---|
| 44 | try: |
|---|
| 45 | return func(*args, **kw) |
|---|
| 46 | except: |
|---|
| 47 | log.msg("Error calling %r:" % (func,)) |
|---|
| 48 | log.err() |
|---|
| 49 | return PRE("An error occurred.") |
|---|