From 06bafadf4cb12686215f0eae6857c3678710d2f4 Mon Sep 17 00:00:00 2001 From: Keryn Knight Date: Mon, 6 Aug 2018 13:58:33 +0100 Subject: [PATCH] Fix issue where evaluating `value` might cause side-effects above-and-beyond triggering a DB query. This is most prevalent with objects like Forms, whose default __str__ renders the form, and causes things like full_clean to take place when they otherwise wouldn't. In an ideal world we'd use repr() directly, as it is SUPER fast by comparison. saferepr offers a happier middleground between repr() and pformat(). --- debug_toolbar/panels/templates/panel.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debug_toolbar/panels/templates/panel.py b/debug_toolbar/panels/templates/panel.py index ace5a6bd4..56bd04ad5 100644 --- a/debug_toolbar/panels/templates/panel.py +++ b/debug_toolbar/panels/templates/panel.py @@ -3,7 +3,7 @@ from collections import OrderedDict from contextlib import contextmanager from os.path import normpath -from pprint import pformat +from pprint import pformat, saferepr from django import http from django.conf.urls import url @@ -126,7 +126,7 @@ def _store_template_info(self, sender, **kwargs): else: try: recording(False) - force_text(value) # this MAY trigger a db query + saferepr(value) # this MAY trigger a db query except SQLQueryTriggered: temp_layer[key] = '<>' except UnicodeEncodeError: