id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
32817	Include in CsrfViewMiddleware's bad CSRF token message where the token is from	Chris Jerdonek	nobody	"Currently, if `CsrfViewMiddleware` encounters a bad CSRF token, it will reject the request with a message like--

* ""CSRF token incorrect""
* ""CSRF token has incorrect length""

I noticed that it would be relatively easy to include in these messages whether the token was obtained from `POST` data or a custom header, which would be useful for troubleshooting. The new messages could look e.g. like--

* ""CSRF token (from POST) incorrect""
* ""CSRF token (from 'X-CSRFToken' header) has incorrect length""

The changes to `CsrfViewMiddlewareTestMixin` proposed in #32800 would make these cases easy to test.
"	Cleanup/optimization	new	CSRF	dev	Normal				Unreviewed	0	0	0	0	0	0