#5515: CSRF has hard-encoded error page
---------------------------------------------------------+------------------
Reporter: Piotr Lewandowski <[EMAIL PROTECTED]> | Owner:
Status: new |
Component: Contrib apps
Version: SVN |
Resolution:
Keywords: |
Stage: Accepted
Has_patch: 1 |
Needs_docs: 0
Needs_tests: 0 |
Needs_better_patch: 0
---------------------------------------------------------+------------------
Changes (by progprog):
* owner: progprog =>
* status: assigned => new
* has_patch: 0 => 1
* summary: CSFR has hard-encoded error page => CSRF has hard-encoded
error page
Comment:
Patch with tests added.
I decided that in general Django should have customizable 403 pages, a la
404/500, so my patch deals with a larger scope than is described by this
ticket. After making 403 customizable, the CSRF middleware simply raises
the PermissionDenied exception with a custom message, and get_response()
handles the rest.
One consequence of this is that a 403.html template will have to be
declared, similar to 404.html and 500.html.
--
Ticket URL: <http://code.djangoproject.com/ticket/5515#comment:3>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
