Hi Wim,
On 16/07/15 16:51, Wim Feijen wrote:
Hi,
We are experiencing the same problem when a user changes his language.
We are using a post form for that, see: https://roominreturn.nl .
1. What is annoying is that the csrf Forbidden page is a yellow page and
is shown to the end user. We would never want to confront a visitor with
a yellow Forbidden page with techy remarks. Our default 400-page would
be ok though.
Note that you can avoid the yellow page with the CSRF_FAILURE_VIEW
setting. The view can be as simple as:
def csrf_failure(request, reason=""):
"""
Friendly view for settings.CSRF_FAILURE_VIEW.
"""
return render(request, 'friendly_csrf_failure_template.html',
status=403)
Then in your settings add
CSRF_FAILURE_VIEW = 'path.to.csrf_failure';
Cheers,
Alasdair
[1]: https://docs.djangoproject.com/en/1.8/ref/settings/#csrf-failure-view
--
Alasdair Nicol
Developer, MEMSET
mail: [email protected]
web: http://www.memset.com/
Memset Ltd., registration number 4504980.
Building 87, Dunsfold Park, Stovolds Hill, Cranleigh, Surrey, GU6 8TB, UK
--
You received this message because you are subscribed to the Google Groups "Django
developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-developers.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/55A7D9ED.3030804%40memset.com.
For more options, visit https://groups.google.com/d/optout.
