From ccb07f1c49fbeb6e9625640c6f6cb50deedd7344 Mon Sep 17 00:00:00 2001 From: John Eskew Date: Thu, 3 Mar 2016 15:22:28 -0500 Subject: [PATCH] Monkey patch django.utils.http.is_safe_url for Django 1.8.10. --- cms/startup.py | 7 ++++- .../django_utils_http_is_safe_url.py | 30 +++++++++++++++++++ lms/startup.py | 8 +++-- 3 files changed, 42 insertions(+), 3 deletions(-) create mode 100644 common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py diff --git a/cms/startup.py b/cms/startup.py index 42c7eb1070..398fdbdc41 100644 --- a/cms/startup.py +++ b/cms/startup.py @@ -9,7 +9,11 @@ settings.INSTALLED_APPS # pylint: disable=pointless-statement from openedx.core.lib.django_startup import autostartup import django -from monkey_patch import third_party_auth, django_db_models_options +from monkey_patch import ( + third_party_auth, + django_db_models_options, + django_utils_http_is_safe_url +) import xmodule.x_module import cms.lib.xblock.runtime @@ -23,6 +27,7 @@ def run(): """ third_party_auth.patch() django_db_models_options.patch() + django_utils_http_is_safe_url.patch() # Comprehensive theming needs to be set up before django startup, # because modifying django template paths after startup has no effect. diff --git a/common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py b/common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py new file mode 100644 index 0000000000..35c2eb3c86 --- /dev/null +++ b/common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py @@ -0,0 +1,30 @@ +""" +Monkey patch the is_safe_url method in django.utils.http for Django 1.8.10. +In that release, the method crashes when a bytestring, non-unicode string is passed-in +as the url. +Remove the monkey patch when the bug is fixed in a Django 1.8 release. Here's the bug: +https://code.djangoproject.com/ticket/26308 +""" + +from django.utils import http +from django.utils.encoding import force_text + + +def patch(): + """ + Monkey patch the django.utils.http.is_safe_url function to convert the incoming + url and host parameters to unicode. + """ + def create_is_safe_url_wrapper(wrapped_func): + # pylint: disable=missing-docstring + def _wrap_is_safe_url(*args, **kwargs): + def _conv_text(value): + return None if value is None else force_text(value) + return wrapped_func( + # Converted *args. + *tuple(map(_conv_text, args)), + # Converted **kwargs. + **{key: _conv_text(value) for key, value in kwargs.items()} + ) + return _wrap_is_safe_url + http.is_safe_url = create_is_safe_url_wrapper(http.is_safe_url) diff --git a/lms/startup.py b/lms/startup.py index 15582012ab..cb2aa018e7 100644 --- a/lms/startup.py +++ b/lms/startup.py @@ -12,8 +12,11 @@ from openedx.core.lib.django_startup import autostartup import edxmako import logging import analytics -from monkey_patch import third_party_auth, django_db_models_options - +from monkey_patch import ( + third_party_auth, + django_db_models_options, + django_utils_http_is_safe_url +) import xmodule.x_module import lms_xblock.runtime @@ -30,6 +33,7 @@ def run(): """ third_party_auth.patch() django_db_models_options.patch() + django_utils_http_is_safe_url.patch() # To override the settings before executing the autostartup() for python-social-auth if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH', False):