Django : How To Override The Csrf_failure_template
If csrf checking fails, Django display a page with 403 error. It seems to me that this error can occur in regular use, for example, when the user disable cookie usage in his brows
Solution 1:
Refer to the Django document, you can set CSRF_FAILURE_VIEW in your settings.py, such as:
CSRF_FAILURE_VIEW = 'your_app_name.views.csrf_failure'Also, you'll need to define a csrf_failure function in your view (need to have this signature: def csrf_failure(request, reason="") based on the document), which is similar to :
defcsrf_failure(request, reason=""):
ctx = {'message': 'some custom messages'}
return render_to_response(your_custom_template, ctx)
And you can write your custom template as:
<!DOCTYPE html><html><headlang="en"><metacharset="UTF-8"><title></title></head><body>
{{ message }}
</body></html>Solution 2:
As of Django 1.10, you can simply add and customize the 403_csrf.html template: https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-CSRF_FAILURE_VIEW
Solution 3:
Add 403_csrf.html template to the project template directory.
As you can see in the source code django/views/csrf.py: if you have this template, it will be applied. Nothing needs to be configured.
Template content that you need to customize for your needs:
<divid="summary"><h1>{{ title }} <span>(403)</span></h1><p>{{ main }}</p>
{% if no_referer %}
<p>{{ no_referer1 }}</p><p>{{ no_referer2 }}</p><p>{{ no_referer3 }}</p>
{% endif %}
{% if no_cookie %}
<p>{{ no_cookie1 }}</p><p>{{ no_cookie2 }}</p>
{% endif %}
</div>
Post a Comment for "Django : How To Override The Csrf_failure_template"