Django - custom 403 template

arnon cohen picture arnon cohen · Aug 13, 2015 · Viewed 12.8k times · Source

I'm trying to use my 403, 404, 500 custom templates in Django 1.5 . 404 and 500 work perfectly, but 403 still showing me the built-in Django 403 template.

I put all three templates in the root template directory in my project. They are named : 403.html, 404.html, 500.html

I also tried using:

urls.py:

 from django.utils.functional import curry
 handler403 = curry(permission_denied, template_name='403.html')

and also: urls.py:

handler403 = 'proj_name.views.my_custom_permission_denied_view'

proj_name/views.py

def my_custom_permission_denied_view(request):
    return ethoos_response('403.html', None, request)

Both methods do not work. Also in 404 and 500 I use none of these methods, just the templates inside the template directory, and they are shown.

All three suppose to work the same way according to Django's documentation. https://docs.djangoproject.com/en/1.5/topics/http/views/#the-403-http-forbidden-view

I have no idea why only 403 doesn't. Thanks.

Answer

Alasdair picture Alasdair · Aug 13, 2015

For regular 403 permission denied pages, creating the 403.html template should work.

However, for CSRF errors (which also return status code 403), you should create a 403_csrf.html template instead.

Creating a 403_csrf.html template works in Django 1.10+. For earlier versions, you had to change the CSRF_FAILURE_VIEW setting to the view you want to use.

See the CSRF docs for more info.

There was a discussion about why the CSRF failure view behaves differently in the Django-developers mailing list this week.