diff options
| author | Aymeric Augustin | 2014-01-26 20:44:15 +0100 |
|---|---|---|
| committer | Aymeric Augustin | 2014-01-26 20:44:56 +0100 |
| commit | 55636f20076c4c9cd444b8dc7dc309fda2e5e7ec (patch) | |
| tree | 992642320f0318a1dc1fb84a29d75abd0c2861c5 | |
| parent | 788f323952a6500669aea13a14cff51ba0579dde (diff) | |
| download | django-debug-toolbar-55636f20076c4c9cd444b8dc7dc309fda2e5e7ec.tar.bz2 | |
Remove line endings to avoid issues with browser normalization.
Fix #533.
| -rw-r--r-- | debug_toolbar/panels/sql/forms.py | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/debug_toolbar/panels/sql/forms.py b/debug_toolbar/panels/sql/forms.py index 3fdbc25..b4c31cc 100644 --- a/debug_toolbar/panels/sql/forms.py +++ b/debug_toolbar/panels/sql/forms.py @@ -77,9 +77,11 @@ class SQLSelectForm(forms.Form): return reformat_sql(self.cleaned_data['sql']) def make_hash(self, data): - params = (force_text(settings.SECRET_KEY) + - force_text(data['sql']) + force_text(data['params'])) - return hashlib.sha1(params.encode('utf-8')).hexdigest() + items = [settings.SECRET_KEY, data['sql'], data['params']] + # Replace lines endings with spaces to preserve the hash value + # even when the browser normalizes \r\n to \n in inputs. + items = [force_text(' '.join(item.splitlines())) for item in items] + return hashlib.sha1(sum(items, '').encode('utf-8')).hexdigest() @property def connection(self): |