From a849ec1880e6e9926bd04e298c0ded2611cfb4b3 Mon Sep 17 00:00:00 2001
From: Jerome Leclanche <jerome@leclan.ch>
Date: Sat, 17 Dec 2016 17:34:32 +0200
Subject: [PATCH] Fixed #27606 -- Fixed HttpResponseRedirect.__repr__() crash
 when DisallowedRedirect is raised.

---
 django/http/response.py     |  4 ++--
 tests/httpwrappers/tests.py | 13 ++++++++++++-
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/django/http/response.py b/django/http/response.py
index 89c1c0a5fd06..48b4b525b9db 100644
--- a/django/http/response.py
+++ b/django/http/response.py
@@ -420,11 +420,11 @@ class HttpResponseRedirectBase(HttpResponse):
     allowed_schemes = ['http', 'https', 'ftp']
 
     def __init__(self, redirect_to, *args, **kwargs):
+        super(HttpResponseRedirectBase, self).__init__(*args, **kwargs)
+        self['Location'] = iri_to_uri(redirect_to)
         parsed = urlparse(force_text(redirect_to))
         if parsed.scheme and parsed.scheme not in self.allowed_schemes:
             raise DisallowedRedirect("Unsafe redirect to URL with protocol '%s'" % parsed.scheme)
-        super(HttpResponseRedirectBase, self).__init__(*args, **kwargs)
-        self['Location'] = iri_to_uri(redirect_to)
 
     url = property(lambda self: self['Location'])
 
diff --git a/tests/httpwrappers/tests.py b/tests/httpwrappers/tests.py
index 2cf0e23d63e3..be136f3bb7d5 100644
--- a/tests/httpwrappers/tests.py
+++ b/tests/httpwrappers/tests.py
@@ -8,7 +8,7 @@
 import unittest
 import uuid
 
-from django.core.exceptions import SuspiciousOperation
+from django.core.exceptions import DisallowedRedirect, SuspiciousOperation
 from django.core.serializers.json import DjangoJSONEncoder
 from django.core.signals import request_finished
 from django.db import close_old_connections
@@ -517,6 +517,17 @@ def test_redirect_repr(self):
         expected = '<HttpResponseRedirect status_code=302, "text/html; charset=utf-8", url="/redirected/">'
         self.assertEqual(repr(response), expected)
 
+    def test_invalid_redirect_repr(self):
+        """
+        If HttpResponseRedirect raises DisallowedRedirect, its __repr__()
+        should work (in the debug view, for example).
+        """
+        response = HttpResponseRedirect.__new__(HttpResponseRedirect)
+        with self.assertRaisesMessage(DisallowedRedirect, "Unsafe redirect to URL with protocol 'ssh'"):
+            HttpResponseRedirect.__init__(response, 'ssh://foo')
+        expected = '<HttpResponseRedirect status_code=302, "text/html; charset=utf-8", url="ssh://foo">'
+        self.assertEqual(repr(response), expected)
+
     def test_not_modified(self):
         response = HttpResponseNotModified()
         self.assertEqual(response.status_code, 304)