Skip to content

Commit ebe81fe

Browse files
nutrinanutrina
authored
Have created a custom CSRF failure page (#10275)
1 parent 0943df2 commit ebe81fe

File tree

2 files changed

+3
-1
lines changed

2 files changed

+3
-1
lines changed

app/app/settings.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -573,6 +573,7 @@ def callback(request):
573573

574574
CSRF_COOKIE_SECURE = env.bool('CSRF_COOKIE_SECURE', default=False)
575575
CSRF_COOKIE_HTTPONLY = env.bool('CSRF_COOKIE_HTTPONLY', default=True)
576+
CSRF_FAILURE_VIEW = 'retail.views.csrf_failure'
576577
SESSION_COOKIE_SECURE = env.bool('SESSION_COOKIE_SECURE', default=False)
577578
SECURE_BROWSER_XSS_FILTER = env.bool('SECURE_BROWSER_XSS_FILTER', default=True)
578579
SECURE_CONTENT_TYPE_NOSNIFF = env.bool('SECURE_CONTENT_TYPE_NOSNIFF', default=True)

app/retail/views.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1153,11 +1153,12 @@ def presskit(request):
11531153
def handler403(request, exception=None):
11541154
return error(request, 403)
11551155

1156+
def csrf_failure(request, reason=""):
1157+
return error(request, 403)
11561158

11571159
def handler404(request, exception=None):
11581160
return error(request, 404)
11591161

1160-
11611162
def handler500(request, exception=None):
11621163
return error(request, 500)
11631164

0 commit comments

Comments
 (0)