summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorJannis Leidel <jannis@leidel.info>2011-08-12 14:15:31 +0000
committerJannis Leidel <jannis@leidel.info>2011-08-12 14:15:31 +0000
commit1ca6e9b9e24240033349c93b05902c79c0a25bbb (patch)
treec6d4b1fca5b881e62481094cd2cedcaaa3a82af9 /docs
parent958e049d4d90fb5e0fe582eb4339af3c58dd5c07 (diff)
Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.4.txt5
-rw-r--r--docs/topics/http/views.txt21
2 files changed, 26 insertions, 0 deletions
diff --git a/docs/releases/1.4.txt b/docs/releases/1.4.txt
index 02c4e82693..d676ff045c 100644
--- a/docs/releases/1.4.txt
+++ b/docs/releases/1.4.txt
@@ -261,6 +261,11 @@ Django 1.4 also includes several smaller improvements worth noting:
* It is now possible to load fixtures containing forward references when using
MySQL with the InnoDB database engine.
+* A new 403 response handler has been added as
+ ``'django.views.defaults.permission_denied'``. See the documentation
+ about :ref:`the 403 (HTTP Forbidden) view<http_forbidden_view>` for more
+ information.
+
.. _backwards-incompatible-changes-1.4:
Backwards incompatible changes in 1.4
diff --git a/docs/topics/http/views.txt b/docs/topics/http/views.txt
index 7a563eaf68..6e033f3bc9 100644
--- a/docs/topics/http/views.txt
+++ b/docs/topics/http/views.txt
@@ -197,3 +197,24 @@ Two things to note about 500 views:
* If :setting:`DEBUG` is set to ``True`` (in your settings module), then
your 500 view will never be used, and the traceback will be displayed
instead, with some debug information.
+
+.. _http_forbidden_view:
+
+The 403 (HTTP Forbidden) view
+----------------------------
+
+.. versionadded:: 1.4
+
+In the same vein as the 404 and 500 views, Django has a view to handle 403
+Forbidden errors. If a view results in a 403 exception then Django will, by
+default, call the view ``django.views.defaults.permission_denied``.
+
+This view loads and renders the template ``403.html`` in your root template
+directory, or if this file does not exist, instead serves the text
+"403 Forbidden", as per RFC 2616 (the HTTP 1.1 Specification).
+
+It is possible to override ``django.views.defaults.permission_denied`` in the
+same way you can for the 404 and 500 views by specifying a ``handler403`` in
+your URLconf::
+
+ handler403 = 'mysite.views.my_custom_permission_denied_view'