Re: [Django] #35673: ExceptionReporter.get_traceback_data() does not handle when request.GET data exceeds DATA_UPLOAD_MAX_NUMBER_FIELDS (was: When URL has 1000+ query parameters, and DEBUG=True, Django does not generate the error page correctly)

[Django]

#35673: ExceptionReporter.get_traceback_data() does not handle when request.GET
data exceeds DATA_UPLOAD_MAX_NUMBER_FIELDS
---------------------------------+------------------------------------
     Reporter:  Pēteris Caune    |                    Owner:  (none)
         Type:  Bug              |                   Status:  new
    Component:  Error reporting  |                  Version:  5.1
     Severity:  Normal           |               Resolution:
     Keywords:                   |             Triage Stage:  Accepted
    Has patch:  0                |      Needs documentation:  0
  Needs tests:  0                |  Patch needs improvement:  0
Easy pickings:  0                |                    UI/UX:  0
---------------------------------+------------------------------------
Changes (by Sarah Boyce):

 * stage:  Unreviewed => Accepted
 * summary:
     When URL has 1000+ query parameters, and DEBUG=True, Django does not
     generate the error page correctly
     =>
     ExceptionReporter.get_traceback_data() does not handle when
     request.GET data exceeds DATA_UPLOAD_MAX_NUMBER_FIELDS

Comment:

 Thank you!

 Here's a rough test
 {{{#!diff
 --- a/tests/view_tests/tests/test_debug.py
 +++ b/tests/view_tests/tests/test_debug.py
 @@ -461,6 +461,12 @@ class DebugViewTests(SimpleTestCase):
              response = self.client.get("/raises500/", headers={"accept":
 "text/plain"})
          self.assertContains(response, "Oh dear, an error occurred!",
 status_code=500)

 +    @override_settings(DATA_UPLOAD_MAX_NUMBER_FIELDS=1)
 +    def test_max_number_of_fields_exceeded(self):
 +        with self.assertLogs("django.security", "WARNING"):
 +            response = self.client.get("", query_params={"a": [1, 2]})
 +        self.assertContains(response, '<div class="context" id="',
 status_code=400)
 +

  class DebugViewQueriesAllowedTests(SimpleTestCase):
      # May need a query to initialize MySQL connection
 diff --git a/tests/view_tests/views.py b/tests/view_tests/views.py
 index 9eb7a352d6..f9fc2241a3 100644
 --- a/tests/view_tests/views.py
 +++ b/tests/view_tests/views.py
 @@ -22,6 +22,7 @@ TEMPLATES_PATH = Path(__file__).resolve().parent /
 "templates"

  def index_page(request):
      """Dummy index page"""
 +    request.GET.getlist("a")
      return HttpResponse("<html><body>Dummy page</body></html>")

 }}}
-- 
Ticket URL: <https://code.djangoproject.com/ticket/35673#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701914c33a4bd-84087be7-b878-4499-a05a-e6b0cc85721d-000000%40eu-central-1.amazonses.com.