symposion_app/pinaxcon/csrf_view.py

from django.conf import settings
from django.http import HttpResponseForbidden
from django.template import Context, RequestContext, loader
from django.utils.translation import ugettext as _
from django.utils.version import get_docs_version


def csrf_failure(request, reason=""):

    from django.middleware.csrf import REASON_BAD_TOKEN, REASON_NO_REFERER, REASON_NO_CSRF_COOKIE
    t = loader.get_template("403_csrf.html")
    c = {
        'title': _("Forbidden"),
        'main': _("CSRF verification failed. Request aborted."),
        'reason': reason,
        'bad_token': reason == REASON_BAD_TOKEN,
        'no_referer': reason == REASON_NO_REFERER,
        'no_referer1': _(
            "You are seeing this message because this HTTPS site requires a "
            "'Referer header' to be sent by your Web browser, but none was "
            "sent. This header is required for security reasons, to ensure "
            "that your browser is not being hijacked by third parties."),
        'no_referer2': _(
            "If you have configured your browser to disable 'Referer' headers, "
            "please re-enable them, at least for this site, or for HTTPS "
            "connections, or for 'same-origin' requests."),
        'no_cookie': reason == REASON_NO_CSRF_COOKIE,
        'no_cookie1': _(
            "You are seeing this message because this site requires a CSRF "
            "cookie when submitting forms. This cookie is required for "
            "security reasons, to ensure that your browser is not being "
            "hijacked by third parties."),
        'no_cookie2': _(
            "If you have configured your browser to disable cookies, please "
            "re-enable them, at least for this site, or for 'same-origin' "
            "requests."),
        'DEBUG': settings.DEBUG,
        'docs_version': get_docs_version(),
        'more': _("More information is available with DEBUG=True."),
        'request': request,
        'user': request.user
    }
    return HttpResponseForbidden(t.render(c), content_type='text/html')
Customises the CSRF failure view so that it uses the LCA2017 style (#53) * Customises the CSRF failure view so that it uses the LCA2017 style * If a user is logged in and there is a bad_token failure, let them know. 2016-07-17 07:52:04 +00:00			`from django.conf import settings`
			`from django.http import HttpResponseForbidden`
			`from django.template import Context, RequestContext, loader`
			`from django.utils.translation import ugettext as _`
			`from django.utils.version import get_docs_version`

Mass style-check update Seems okay. 2017-03-05 07:34:15 +00:00
Customises the CSRF failure view so that it uses the LCA2017 style (#53) * Customises the CSRF failure view so that it uses the LCA2017 style * If a user is logged in and there is a bad_token failure, let them know. 2016-07-17 07:52:04 +00:00			`def csrf_failure(request, reason=""):`

			`from django.middleware.csrf import REASON_BAD_TOKEN, REASON_NO_REFERER, REASON_NO_CSRF_COOKIE`
			`t = loader.get_template("403_csrf.html")`
Fix TypeError when rendering CSRF failure view Fix #86 2018-06-30 00:05:52 +00:00			`c = {`
Customises the CSRF failure view so that it uses the LCA2017 style (#53) * Customises the CSRF failure view so that it uses the LCA2017 style * If a user is logged in and there is a bad_token failure, let them know. 2016-07-17 07:52:04 +00:00			`'title': _("Forbidden"),`
			`'main': _("CSRF verification failed. Request aborted."),`
			`'reason': reason,`
			`'bad_token': reason == REASON_BAD_TOKEN,`
			`'no_referer': reason == REASON_NO_REFERER,`
			`'no_referer1': _(`
			`"You are seeing this message because this HTTPS site requires a "`
			`"'Referer header' to be sent by your Web browser, but none was "`
			`"sent. This header is required for security reasons, to ensure "`
			`"that your browser is not being hijacked by third parties."),`
			`'no_referer2': _(`
			`"If you have configured your browser to disable 'Referer' headers, "`
			`"please re-enable them, at least for this site, or for HTTPS "`
			`"connections, or for 'same-origin' requests."),`
			`'no_cookie': reason == REASON_NO_CSRF_COOKIE,`
			`'no_cookie1': _(`
			`"You are seeing this message because this site requires a CSRF "`
			`"cookie when submitting forms. This cookie is required for "`
			`"security reasons, to ensure that your browser is not being "`
			`"hijacked by third parties."),`
			`'no_cookie2': _(`
			`"If you have configured your browser to disable cookies, please "`
			`"re-enable them, at least for this site, or for 'same-origin' "`
			`"requests."),`
			`'DEBUG': settings.DEBUG,`
			`'docs_version': get_docs_version(),`
			`'more': _("More information is available with DEBUG=True."),`
Fix TypeError when rendering CSRF failure view Fix #86 2018-06-30 00:05:52 +00:00			`'request': request,`
			`'user': request.user`
			`}`
Customises the CSRF failure view so that it uses the LCA2017 style (#53) * Customises the CSRF failure view so that it uses the LCA2017 style * If a user is logged in and there is a bad_token failure, let them know. 2016-07-17 07:52:04 +00:00			`return HttpResponseForbidden(t.render(c), content_type='text/html')`