id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
27763	Docs: check invalid csrftoken on CSRF_FAILURE_VIEW	Ramin Farajpour Cami	nobody	"Hi,

settings.CSRF_FAILURE_VIEW alwase render html,when from client side sending request invalid `csrftoken:invalid`  with  `type:json`,

from  https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-CSRF_FAILURE_VIEW
{{{
def csrf_failure(request, reason=""""):
       ...
      # render html page 
}}}
while request is `type:json` and response is `type:html`, i think we should point this scenario to django docs,

example : 
{{{
def csrf_failure(request, reason=""""):
    if request.is_ajax():
        return HttpResponseForbidden('',
                            content_type='application/json',
                            charset=""utf-8"")
    return render(...)
}}}



"	Cleanup/optimization	closed	Documentation	dev	Normal	needsinfo			Unreviewed	0	0	0	0	0	0