summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoryushanfans2233 <yushanfans2233@qq.com>2023-11-11 15:24:24 +0800
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2023-12-04 10:52:06 +0100
commit14b0132e5e70854076ea781451f5ff37f8dc8edd (patch)
tree698a7483db22596df73a9535bb79ebf0fc6763c7
parent8fcb9f1f106cf60d953d88aeaa412cc625c60029 (diff)
Fixed #34830 -- Added request to bad_request/csrf_failure view template contexts.
-rw-r--r--django/views/csrf.py5
-rw-r--r--django/views/defaults.py3
-rw-r--r--tests/view_tests/tests/test_csrf.py1
-rw-r--r--tests/view_tests/tests/test_defaults.py23
4 files changed, 29 insertions, 3 deletions
diff --git a/django/views/csrf.py b/django/views/csrf.py
index 3c572a621a..adc629e843 100644
--- a/django/views/csrf.py
+++ b/django/views/csrf.py
@@ -67,13 +67,14 @@ def csrf_failure(request, reason="", template_name=CSRF_FAILURE_TEMPLATE_NAME):
}
try:
t = loader.get_template(template_name)
+ body = t.render(request=request)
except TemplateDoesNotExist:
if template_name == CSRF_FAILURE_TEMPLATE_NAME:
# If the default template doesn't exist, use the fallback template.
with builtin_template_path("csrf_403.html").open(encoding="utf-8") as fh:
t = Engine().from_string(fh.read())
- c = Context(c)
+ body = t.render(Context(c))
else:
# Raise if a developer-specified template doesn't exist.
raise
- return HttpResponseForbidden(t.render(c))
+ return HttpResponseForbidden(body)
diff --git a/django/views/defaults.py b/django/views/defaults.py
index ccad802a54..8f56a8fb89 100644
--- a/django/views/defaults.py
+++ b/django/views/defaults.py
@@ -109,6 +109,7 @@ def bad_request(request, exception, template_name=ERROR_400_TEMPLATE_NAME):
"""
try:
template = loader.get_template(template_name)
+ body = template.render(request=request)
except TemplateDoesNotExist:
if template_name != ERROR_400_TEMPLATE_NAME:
# Reraise if it's a missing custom template.
@@ -118,7 +119,7 @@ def bad_request(request, exception, template_name=ERROR_400_TEMPLATE_NAME):
)
# No exception content is passed to the template, to not disclose any
# sensitive information.
- return HttpResponseBadRequest(template.render())
+ return HttpResponseBadRequest(body)
@requires_csrf_token
diff --git a/tests/view_tests/tests/test_csrf.py b/tests/view_tests/tests/test_csrf.py
index ef4a50dd45..af16ffd740 100644
--- a/tests/view_tests/tests/test_csrf.py
+++ b/tests/view_tests/tests/test_csrf.py
@@ -112,6 +112,7 @@ class CsrfViewTests(SimpleTestCase):
"""A custom CSRF_FAILURE_TEMPLATE_NAME is used."""
response = self.client.post("/")
self.assertContains(response, "Test template for CSRF failure", status_code=403)
+ self.assertIs(response.wsgi_request, response.context.request)
def test_custom_template_does_not_exist(self):
"""An exception is raised if a nonexistent template is supplied."""
diff --git a/tests/view_tests/tests/test_defaults.py b/tests/view_tests/tests/test_defaults.py
index f99066e5bb..415a9a8c67 100644
--- a/tests/view_tests/tests/test_defaults.py
+++ b/tests/view_tests/tests/test_defaults.py
@@ -111,6 +111,29 @@ class DefaultsTests(TestCase):
(
"django.template.loaders.locmem.Loader",
{
+ "400.html": (
+ "This is a test template for a 400 error "
+ ),
+ },
+ ),
+ ],
+ },
+ }
+ ]
+ )
+ def test_custom_bad_request_template(self):
+ response = self.client.get("/raises400/")
+ self.assertIs(response.wsgi_request, response.context[-1].request)
+
+ @override_settings(
+ TEMPLATES=[
+ {
+ "BACKEND": "django.template.backends.django.DjangoTemplates",
+ "OPTIONS": {
+ "loaders": [
+ (
+ "django.template.loaders.locmem.Loader",
+ {
"404.html": (
"This is a test template for a 404 error "
"(path: {{ request_path }}, "