django-debug-toolbar: Improve handling when DJDT views don't respond with JSON
Sidebar loads fine until you press any of the buttons, for example “Cache”.
As soon as i press it i get
VM14865:2 Uncaught (in promise) SyntaxError: Unexpected token '<', "
<html>
<h"... is not valid JSON
I load django toolbar at the start so
urlpatterns = [
]
if settings.DEBUG:
import debug_toolbar
urlpatterns += [
url("__debug__/", include(debug_toolbar.urls)),
]
urlpatterns += [] # my normal urls
Also does it after my normal urls. Does it in all of my projects now, not sure why but it’s really annoying. One of my other test pages calls a request every 7 seconds, and each time it fetches data i get that error on my screen. So annoying.
I’m happy to provide more details
Thanks 😃
Edit from Tim:
This issue is because the toolbar views have some authorization logic wrapping them causing the responses to be HTML rather than JSON. Our JS frontend should identify when the responses don’t match expectations and notify the user of such to make it easier to diagnose.
About this issue
- Original URL
- State: closed
- Created 8 months ago
- Comments: 19 (11 by maintainers)
Yeah, the middleware uses
re.match, notre.search: https://github.com/CleitonDeLima/django-login-required-middleware/blob/d4535f5a9f61d4d24012fbbbd1d32d4d9b7002bf/login_required/middleware.py#L26Therefore you have to use a regex which matches from the beginning, not somewhere inside.
(You could try
r".*__debug__"but that might be too broad.)Re-opening because I’m re-purposing the issue
As an aside, the preferred terms for that type of functionality are allow-list and deny-list. I know you’re not from the US so there are some contextual differences, but whitelist and blacklist have their roots in systematic racism and discrimination in the US.
Sure thing
aha,
http://127.0.0.1:8000/login/?next=/__debug__/history_sidebar/%3Fstore_id%3D221f0a9e2ea44d7ba227eddf737e62d7By that i assume it’s trying to login to view things. I need to find the url name to an allowed list to avoid it being blocked I’ll let you know if i cant find it