Re: [Django] #34830: csrf_failure view missing context processors

Tue, 07 Nov 2023 10:27:33 -0800 

#34830: csrf_failure view missing context processors
-----------------------------+---------------------------------------------
     Reporter:  Alex Henman  |                    Owner:  Prakhar Parashari
         Type:  Bug          |                   Status:  new
    Component:  CSRF         |                  Version:  dev
     Severity:  Normal       |               Resolution:
     Keywords:               |             Triage Stage:  Accepted
    Has patch:  0            |      Needs documentation:  0
  Needs tests:  0            |  Patch needs improvement:  0
Easy pickings:  0            |                    UI/UX:  0
-----------------------------+---------------------------------------------
Changes (by Tim Graham):

 * status:  closed => new
 * has_patch:  1 => 0
 * resolution:  fixed =>
 * stage:  Ready for checkin => Accepted


Comment:

 I think this might be the way to go:
 {{{ #!diff
 diff --git a/django/views/csrf.py b/django/views/csrf.py
 index 3c572a621a..60c564b809 100644
 --- a/django/views/csrf.py
 +++ b/django/views/csrf.py
 @@ -72,8 +72,10 @@ def csrf_failure(request, reason="",
 template_name=CSRF_FAILURE_TEMPLATE_NAME):
              # If the default template doesn't exist, use the fallback
 template.
              with
 builtin_template_path("csrf_403.html").open(encoding="utf-8") as fh:
                  t = Engine().from_string(fh.read())
 -            c = Context(c)
 +            body = t.render(Context(c))
          else:
              # Raise if a developer-specified template doesn't exist.
              raise
 -    return HttpResponseForbidden(t.render(c))
 +    else:
 +        body = t.render(c, request)
 +    return HttpResponseForbidden(body)
 }}}
 See
 
[https://github.com/django/django/blob/535f7b5c6cea54a0796d85bbe213183d50002689/django/views/defaults.py#L64-L78
 similar code] in `django.views.default.page_not_found`.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/34830#comment:16>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018bab0a1813-c17e0dd0-97f9-42ff-917b-395086abb4bb-000000%40eu-central-1.amazonses.com.

Reply via email to