Description
When using flask, with debug enabled, and attempting to debug a page with any URL parameter present, the debugger will malfunction and throw the error: "Error: Could not verify PIN. Network error?" it also does not print the debugger pin into the console, unless upon startup
To replicate this, make a simple Flask test app that throws an error like so:
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello_world():
raise
return "<p>Hello, World!</p>"
if __name__ == "__main__":Now, navigate to localhost:5000. After which the debug terminal will appear and work as intended. This is what appears in the console:
27.0.0.1 - - [26/Jun/2024 12:37:39] "GET /?__debugger__=yes&cmd=resource&f=debugger.js HTTP/1.1" 304 -
127.0.0.1 - - [26/Jun/2024 12:37:39] "GET /?__debugger__=yes&cmd=resource&f=style.css HTTP/1.1" 304 -
127.0.0.1 - - [26/Jun/2024 12:37:39] "GET /?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 304 -
* To enable the debugger you need to enter the security pin:
* Debugger pin code: xxx-xxx-xxx
127.0.0.1 - - [26/Jun/2024 12:37:41] "GET /?__debugger__=yes&cmd=printpin&s=3WfWFdnDEWFY1zvWLTW3 HTTP/1.1" 200 -
Do not insert the debugger pin, instead navigate to localhost:5000?test=test (any url parameter will cause this). The debug console will appear, upon clicking the terminal button, to cause the PIN prompt, the prompt will appear; however, the error will appear a second time in the terminal, and no PIN will appear.
127.0.0.1 - - [26/Jun/2024 12:40:42] "GET /?__debugger__=yes&cmd=resource&f=style.css HTTP/1.1" 304 -
127.0.0.1 - - [26/Jun/2024 12:40:42] "GET /?__debugger__=yes&cmd=resource&f=debugger.js HTTP/1.1" 304 -
127.0.0.1 - - [26/Jun/2024 12:40:42] "GET /?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 304 -
127.0.0.1 - - [26/Jun/2024 12:40:51] "GET /?test=test?__debugger__=yes&cmd=printpin&s=LjqOQxjdwXsrbGPWHvJB HTTP/1.1" 500 -
Traceback (most recent call last):
...
Naturally, the debugger ping should exist anyway. I think the issue is that ?__debugger__... is inserted instead of &__debugger__... in circumstances where URL parameters are already present. I cannot verify as I'm not certain where this should live. It's possible this is a Werkzeug problem. Feel free to tell me, and I'll reopen over there.
Environment:
- Python version: 3.11
- Flask version: 3.0.3
FWIW this still happened in 2.3.3
Activity