search

1modm / petereport

PeTeReport is an open-source application vulnerability reporting tool.
https://1modm.github.io/petereport/
BSD 3-Clause "New" or "Revised" License
465 stars 129 forks source link

ERROR 500 when i try to view Report or Product #39

Closed kaal18 closed 2 years ago

kaal18 commented 2 years ago

I just installed the petereport via Docker and i'm getting this error 500 when i try to view product or report etc.. I tried installing multiple times still no luck.

Screenshots :

image

image

image

image

I turned on the debug mode and i got below error.

image

Error during template rendering

In template /opt/petereport/app/preport/templates/home/template.html, error at line 0
clean() got an unexpected keyword argument 'styles'
1   <!DOCTYPE html>
2   <html lang="en">
3   <head>
4       {% block head %}
5         {% block meta %}
6           <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
7           <meta charset="utf-8">
8           <meta http-equiv="X-UA-Compatible" content="IE=edge">
9           <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
10        {% endblock meta %}
Environment:

Request Method: GET
Request URL: http://127.0.0.1/product/view/1

Django Version: 3.2.5
Python Version: 3.8.10
Installed Applications:
['django.contrib.admin',
 'django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'martor',
 'django_bleach',
 'preport']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware']

Template error:
In template /opt/petereport/app/preport/templates/home/template.html, error at line 0
   clean() got an unexpected keyword argument 'styles'
   1 : <!DOCTYPE html>
   2 : <html lang="en">
   3 : <head>
   4 :     {% block head %}
   5 :       {% block meta %}
   6 :         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
   7 :         <meta charset="utf-8">
   8 :         <meta http-equiv="X-UA-Compatible" content="IE=edge">
   9 :         <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
   10 :       {% endblock meta %}

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/dist-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.8/dist-packages/django/core/handlers/base.py", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.8/dist-packages/django/contrib/auth/decorators.py", line 21, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File "/opt/petereport/app/preport/views.py", line 358, in product_view
    return render(request, 'products/product_view.html', {'pk': pk, 'DB_product_query': DB_product_query, 'DB_report_query': DB_report_query, 'count_product_report': count_product_report, 'product_findings': count_product_findings_total, 'count_product_findings_critical_high': count_product_findings_critical_high, 'count_product_findings_medium': count_product_findings_medium})
  File "/usr/local/lib/python3.8/dist-packages/django/shortcuts.py", line 19, in render
    content = loader.render_to_string(template_name, context, request, using=using)
  File "/usr/local/lib/python3.8/dist-packages/django/template/loader.py", line 62, in render_to_string
    return template.render(context, request)
  File "/usr/local/lib/python3.8/dist-packages/django/template/backends/django.py", line 61, in render
    return self.template.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 170, in render
    return self._render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 162, in _render
    return self.nodelist.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 938, in render
    bit = node.render_annotated(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 905, in render_annotated
    return self.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/loader_tags.py", line 150, in render
    return compiled_parent._render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 162, in _render
    return self.nodelist.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 938, in render
    bit = node.render_annotated(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 905, in render_annotated
    return self.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/loader_tags.py", line 62, in render
    result = block.nodelist.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 938, in render
    bit = node.render_annotated(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 905, in render_annotated
    return self.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/loader_tags.py", line 62, in render
    result = block.nodelist.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 938, in render
    bit = node.render_annotated(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 905, in render_annotated
    return self.render(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 988, in render
    output = self.filter_expression.resolve(context)
  File "/usr/local/lib/python3.8/dist-packages/django/template/base.py", line 698, in resolve
    new_obj = func(obj, *arg_vals)
  File "/usr/local/lib/python3.8/dist-packages/django_bleach/templatetags/bleach_tags.py", line 23, in bleach_value
    bleached_value = bleach.clean(value, **args)

Exception Type: TypeError at /product/view/1
Exception Value: clean() got an unexpected keyword argument 'styles'
noraj commented 2 years ago

Same here with latest commit 0cafe850888f857b4aefb742179b0a0de4e63aa4

kaal18 commented 2 years ago

Temporary solution is to revert back to commit 1d95bad3d8cdc92ec0800f618bd51d17a633f0c4 git reset --hard 1d95bad3d8cdc92ec0800f618bd51d17a633f0c4

And then , docker-compose up --build

ky0112 commented 2 years ago

Hitting the same 500 error when creating PDF report

1modm commented 2 years ago

Hi All,

Thank you for getting this to me, I was investigating the issue, it seems that python 3.10 is installed with docker, and there are some issues with a couple of libraries; bleach and collections. For backwards compatibility, they continue to be visible in this module through Python 3.9.

So I recommended to start the server manually using python < 3.10 until I found the way to update those libraries or force docker to use python 3.9.

Thanks

1modm commented 2 years ago

Should be fixed in the last commit, take a look and let me know if do you find any other issue.

ky0112 commented 2 years ago

Hi Still getting the error 500 while creating a pdf report, which have a lot of base64 image in it.

image Thanks

1modm commented 2 years ago

@ky0112 this is a different issue than this one, could you open a new issue providing more details, for example enabling the debug mode and adding the output?

To enable debug mode, change 'debug': True in config file: /app/config)/petereport_config.py

Thanks