Opened 4 years ago

Closed 4 years ago

#17732 closed Uncategorized (fixed)

Add "ensure cookies are enabled" message to CSRF verification failed view

Reported by: h3 Owned by: nobody
Component: Uncategorized Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


This is a follow up ticket for this discussion:

Sorry for the late response .. been quite busy.

Patch is include, with bonus screenshot:

Attachments (2)

django-csrf-missing-help-cookies.patch (503 bytes) - added by h3 4 years ago.
django-csrf-missing-help-cookies-view.patch (664 bytes) - added by h3 4 years ago.
Patch of the csrf view to serve the correct reason

Download all attachments as: .zip

Change History (4)

Changed 4 years ago by h3

Patch of the csrf view to serve the correct reason

comment:1 Changed 4 years ago by PaulM

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset

Your provided patch doesn't pass the existing test suite... More importantly, it makes the CSRF framework depend on the session framework again. We've worked hard to keep the two separate, so any patch which ties them back together is unlikely to be committed.

I did commit the additional clarification to the error message.

Last edited 4 years ago by PaulM (previous) (diff)

comment:2 Changed 4 years ago by PaulM

  • Resolution set to fixed
  • Status changed from new to closed
  • Triage Stage changed from Unreviewed to Accepted

I'm going to go ahead and close this ticket, since I've committed the part which can be committed. If you have a way to improve the error message without tying to the session framework, and without changing the existing behavior, please feel free to re-open the ticket with a patch, or discuss it on the mailing list.

Note: See TracTickets for help on using tickets.
Back to Top