[1.9.x] Refs #25878 -- Added the expected return type of CSRF_FAILURE_VIEW.
Backport of 62e83c71d2086b91d58c313e46933ef7aa8b6db1 from master
This commit is contained in:
Tim Graham
parent
00a9854ca9
commit
c74b1b408a
@ -401,15 +401,16 @@ CSRF_FAILURE_VIEW
|
||||
|
||||
Default: ``'django.views.csrf.csrf_failure'``
|
||||
|
||||
A dotted path to the view function to be used when an incoming request
|
||||
is rejected by the CSRF protection. The function should have this signature::
|
||||
A dotted path to the view function to be used when an incoming request is
|
||||
rejected by the :doc:`CSRF protection </ref/csrf>`. The function should have
|
||||
this signature::
|
||||
|
||||
def csrf_failure(request, reason=""):
|
||||
...
|
||||
|
||||
where ``reason`` is a short message (intended for developers or logging, not for
|
||||
end users) indicating the reason the request was rejected. See
|
||||
:doc:`/ref/csrf`.
|
||||
where ``reason`` is a short message (intended for developers or logging, not
|
||||
for end users) indicating the reason the request was rejected. It should return
|
||||
an :class:`~django.http.HttpResponseForbidden`.
|
||||
|
||||
.. setting:: CSRF_HEADER_NAME
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user