>> returns http.HttpResponseForbidden which is almost never what you actually >> want to return to the user > > that's not true, at least no more than a 404/500 which you also return and > have templates for; 403 is a perfectly valid response in fact django's trac > uses it too via apache auth and it doesn't even have a nice template just > the default apache error. > also a 403 can be used for webservices or any other places where you can't > return a redirect to the login. Of course 403 is a perfectly good response, but the content you currently (in the PermissionDenied handler) get is not very useful to the end user. Showing a big "Permission Denied" with nothing else on the screen makes my users feel like they broken something. Without an option to customize the response content, it's not very useful (which is the point of ticket #5515).
-- Łukasz Rekucki -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
