mirror of https://github.com/zulip/zulip.git
csrf_failure: Update error page.
Switches from Django's default error page to Zulip standard error template. Also updates template for 405 error code to not use the 404 art. Fixes #25626.
This commit is contained in:
sanchi-t
Tim Abbott
parent
c58c12911c
commit
0a626f5e3c
|
|
@ -13,11 +13,7 @@
|
|||
<img src="{{ static('images/errors/400art.svg') }}" alt=""/>
|
||||
<div class="errorbox">
|
||||
<div class="errorcontent">
|
||||
{% if status_code == 405 %}
|
||||
<h1 class="lead">{{ _("Method not allowed (405)") }}</h1>
|
||||
{% else %}
|
||||
<h1 class="lead">{{ _("Page not found (404)") }}</h1>
|
||||
{% endif %}
|
||||
<p>
|
||||
{% trans %}
|
||||
If this error is unexpected, you can
|
||||
|
|
|
|||
|
|
@ -0,0 +1,53 @@
|
|||
{% extends "zerver/portico.html" %}
|
||||
|
||||
{% block title %}
|
||||
<title>{{ _("Error") }} | Zulip</title>
|
||||
{% endblock %}
|
||||
|
||||
{% block portico_class_name %}error{% endblock %}
|
||||
|
||||
{% block portico_content %}
|
||||
<div class="error_page">
|
||||
<div class="container">
|
||||
<div class="row-fluid">
|
||||
<div class="errorbox">
|
||||
<div class="errorcontent">
|
||||
{% if csrf_failure %}
|
||||
<h1 class="lead">{{ _("Access forbidden (403)") }}</h1>
|
||||
<p>
|
||||
{% trans %}
|
||||
Your request could not be completed because your
|
||||
browser did not send the credentials required to authenticate
|
||||
your access. To resolve this issue:
|
||||
{% endtrans %}
|
||||
</p>
|
||||
|
||||
<ol>
|
||||
<li>
|
||||
{% trans %}
|
||||
Make sure that your browser allows cookies for this site.
|
||||
{% endtrans %}
|
||||
</li>
|
||||
<li>
|
||||
{% trans %}
|
||||
Check for any browser privacy settings or extensions
|
||||
that block Referer headers, and disable them for
|
||||
this site.
|
||||
{% endtrans %}
|
||||
</li>
|
||||
</ol>
|
||||
{% elif status_code == 405 %}
|
||||
<h1 class="lead">{{ _("Method not allowed (405)") }}</h1>
|
||||
<p>
|
||||
{% trans %}
|
||||
If this error is unexpected, you can
|
||||
<a href="mailto:{{ support_email }}">contact support</a>.
|
||||
{% endtrans %}
|
||||
</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
|
@ -123,7 +123,7 @@ def require_post(
|
|||
return json_method_not_allowed(["POST"])
|
||||
else:
|
||||
return TemplateResponse(
|
||||
request, "404.html", context={"status_code": 405}, status=405
|
||||
request, "4xx.html", context={"status_code": 405}, status=405
|
||||
)
|
||||
return func(request, *args, **kwargs)
|
||||
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ from django.utils.crypto import constant_time_compare
|
|||
from django.utils.deprecation import MiddlewareMixin
|
||||
from django.utils.log import log_response
|
||||
from django.utils.translation import gettext as _
|
||||
from django.views.csrf import csrf_failure as html_csrf_failure
|
||||
from django_scim.middleware import SCIMAuthCheckMiddleware
|
||||
from django_scim.settings import scim_settings
|
||||
from sentry_sdk import set_tag
|
||||
|
|
@ -454,7 +453,7 @@ def csrf_failure(request: HttpRequest, reason: str = "") -> HttpResponse:
|
|||
if RequestNotes.get_notes(request).error_format == "JSON":
|
||||
return json_response_from_error(CsrfFailureError(reason))
|
||||
else:
|
||||
return html_csrf_failure(request, reason)
|
||||
return render(request, "4xx.html", context={"csrf_failure": True}, status=403)
|
||||
|
||||
|
||||
class LocaleMiddleware(DjangoLocaleMiddleware):
|
||||
|
|
|
|||
Loading…
Reference in New Issue