Monkey patch django.utils.http.is_safe_url for Django 1.8.10.

ccb07f1c · John Eskew · 516db0d7 · ccb07f1c · ccb07f1c · ccb07f1c
Commit ccb07f1c authored Mar 03, 2016 by John Eskew
Show whitespace changes
Inline Side-by-side

Showing with 42 additions and 3 deletions

cms/startup.py
+6 -1

common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py
+30 -0

lms/startup.py
+6 -2

No files found.
--- a/cms/startup.py
+++ b/cms/startup.py
@@ -9,7 +9,11 @@ settings.INSTALLED_APPS  # pylint: disable=pointless-statement

 from openedx.core.lib.django_startup import autostartup
 import django
-from monkey_patch import third_party_auth, django_db_models_options
+from monkey_patch import (
+    third_party_auth,
+    django_db_models_options,
+    django_utils_http_is_safe_url
+)

 import xmodule.x_module
 import cms.lib.xblock.runtime
@@ -23,6 +27,7 @@ def run():
    """
    third_party_auth.patch()
    django_db_models_options.patch()
+    django_utils_http_is_safe_url.patch()

    # Comprehensive theming needs to be set up before django startup,
    # because modifying django template paths after startup has no effect.

--- a/common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py
+++ b/common/djangoapps/monkey_patch/django_utils_http_is_safe_url.py
+"""
+Monkey patch the is_safe_url method in django.utils.http for Django 1.8.10.
+In that release, the method crashes when a bytestring, non-unicode string is passed-in
+as the url.
+Remove the monkey patch when the bug is fixed in a Django 1.8 release. Here's the bug:
+https://code.djangoproject.com/ticket/26308
+"""
+
+from django.utils import http
+from django.utils.encoding import force_text
+
+
+def patch():
+    """
+    Monkey patch the django.utils.http.is_safe_url function to convert the incoming
+    url and host parameters to unicode.
+    """
+    def create_is_safe_url_wrapper(wrapped_func):
+        # pylint: disable=missing-docstring
+        def _wrap_is_safe_url(*args, **kwargs):
+            def _conv_text(value):
+                return None if value is None else force_text(value)
+            return wrapped_func(
+                # Converted *args.
+                *tuple(map(_conv_text, args)),
+                # Converted **kwargs.
+                **{key: _conv_text(value) for key, value in kwargs.items()}
+            )
+        return _wrap_is_safe_url
+    http.is_safe_url = create_is_safe_url_wrapper(http.is_safe_url)
--- a/lms/startup.py
+++ b/lms/startup.py
@@ -12,8 +12,11 @@ from openedx.core.lib.django_startup import autostartup
 import edxmako
 import logging
 import analytics
-from monkey_patch import third_party_auth, django_db_models_options
-
+from monkey_patch import (
+    third_party_auth,
+    django_db_models_options,
+    django_utils_http_is_safe_url
+)

 import xmodule.x_module
 import lms_xblock.runtime
@@ -30,6 +33,7 @@ def run():
    """
    third_party_auth.patch()
    django_db_models_options.patch()
+    django_utils_http_is_safe_url.patch()

    # To override the settings before executing the autostartup() for python-social-auth
    if settings.FEATURES.get('ENABLE_THIRD_PARTY_AUTH', False):