id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
33567	Builtin csrf_failure() view uses wrong charset	MrVichr	Claude Paroz	"When Django detects wrong CSRF token, it shows an error using view django.views.csrf.csrf_failure. That file ends with
{{{
    return HttpResponseForbidden(t.render(c), content_type=""text/html;"")
}}}
When the template (CSRF_FAILURE_TEMPLATE_NAME) is written using '''UTF-8, it is rendered incorrectly'''. I suggest changing that line to
{{{
    return HttpResponseForbidden(t.render(c), content_type=""text/html;""+
                                              f"" charset={settings.DEFAULT_CHARSET};"")
}}}
or perhaps leaving out the `content_type` entirely.

Currently I'm using a workaround, by adding
{{{
<meta http-equiv=""Content-type"" content=""text/html; charset=utf-8"" />
}}}
to the template's HEAD, but it seems to me that the suggested fix is a better solution."	Bug	closed	CSRF	4.0	Normal	fixed	csrf		Ready for checkin	1	0	0	0	1	0