#24389: CSRF error page requires DjangoTemplates backend
---------------------------------+-----------------------
Reporter: uranusjr | Owner: nobody
Type: Bug | Status: new
Component: Template system | Version: 1.8alpha1
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+-----------------------
When a CSRF error is raised in debug mode, the technical page require
DjangoTemplates to be rendered. If you have your TEMPLATES setting
configured without a DjangoTemplates entry, you will instead get a
ImproperlyConfigured: No DjangoTemplates backend is configured. error.
This can be resolved if you add a DjangoTemplates entry to the TEMPLATES
setting, but since the many error pages (500, 404, etc.) work without
DjangoTemplates, this one probably should, too.
To reproduce:
1. Create a new project.
2. Change the TEMPLATES setting to ''not'' include a DjangoTemplates
entry, e.g.
{{{
TEMPLATES = [
{
'BACKEND': 'django.template.backends.jinja2.Jinja2',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
},
},
]
}}}
3. Create a view, and send a POST request to it in the browser, without
the CSRF token.
--
Ticket URL: <https://code.djangoproject.com/ticket/24389>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/051.3185f6f39dd099bfb0645dc7040e76ad%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
