Django : How to override the CSRF_FAILURE_TEMPLATE
Refer to the Django document, you can set CSRF_FAILURE_VIEW
in your settings.py
, such as:
CSRF_FAILURE_VIEW = 'your_app_name.views.csrf_failure'
Also, you'll need to define a csrf_failure
function in your view (need to have this signature: def csrf_failure(request, reason="")
based on the document), which is similar to :
def csrf_failure(request, reason=""): ctx = {'message': 'some custom messages'} return render_to_response(your_custom_template, ctx)
And you can write your custom template as:
<!DOCTYPE html><html> <head lang="en"> <meta charset="UTF-8"> <title></title> </head> <body> {{ message }} </body></html>
As of Django 1.10, you can simply add and customize the 403_csrf.html
template: https://docs.djangoproject.com/en/1.10/ref/settings/#std:setting-CSRF_FAILURE_VIEW
Add 403_csrf.html template to the project template directory.
As you can see in the source code django/views/csrf.py: if you have this template, it will be applied. Nothing needs to be configured.
Template content that you need to customize for your needs:
<div id="summary"> <h1>{{ title }} <span>(403)</span></h1> <p>{{ main }}</p>{% if no_referer %} <p>{{ no_referer1 }}</p> <p>{{ no_referer2 }}</p> <p>{{ no_referer3 }}</p>{% endif %}{% if no_cookie %} <p>{{ no_cookie1 }}</p> <p>{{ no_cookie2 }}</p>{% endif %}</div>