o 3a@sbddlmZddlmZddlmZmZmZmZddl m Z ddl m Z dZdZdefd d Zd S) )settings)HttpResponseForbidden)ContextEngineTemplateDoesNotExistloader)gettext)get_docs_versionu( 403 Forbidden

{{ title }} (403)

{{ main }}

{% if no_referer %}

{{ no_referer1 }}

{{ no_referer2 }}

{{ no_referer3 }}

{% endif %} {% if no_cookie %}

{{ no_cookie1 }}

{{ no_cookie2 }}

{% endif %}
{% if DEBUG %}

Help

{% if reason %}

Reason given for failure:

    {{ reason }}
{% endif %}

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

You’re seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

{% else %}

{{ more }}

{% endif %} z 403_csrf.htmlcCsddlm}m}tdtd|||ktdtdtd||ktdtd tjttd d }zt|}Wnt yN|t krKt t }t|}nYnwt||d d S)z> Default view used when request fails CSRF protection r)REASON_NO_CSRF_COOKIEREASON_NO_REFERER Forbiddenz*CSRF verification failed. Request aborted.uYou are seeing this message because this HTTPS site requires a “Referer header” to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.uIf you have configured your browser to disable “Referer” headers, please re-enable them, at least for this site, or for HTTPS connections, or for “same-origin” requests.u^If you are using the tag or including the “Referrer-Policy: no-referrer” header, please remove them. The CSRF protection requires the “Referer” header to do strict referer checking. If you’re concerned about privacy, use alternatives like for links to third-party sites.zYou are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.uIf you have configured your browser to disable cookies, please re-enable them, at least for this site, or for “same-origin” requests.z.More information is available with DEBUG=True.) titlemainreason no_referer no_referer1 no_referer2 no_referer3 no_cookie no_cookie1 no_cookie2DEBUG docs_versionmorez text/html) content_type)django.middleware.csrfr r _rrr r get_templaterCSRF_FAILURE_TEMPLATE_NAMEr from_stringCSRF_FAILURE_TEMPLATErrrender)requestr template_namer r ctr'3/usr/lib/python3/dist-packages/django/views/csrf.py csrf_failurehsF#   r)N) django.confr django.httprdjango.templaterrrrdjango.utils.translationrrdjango.utils.versionr r!rr)r'r'r'r(s    V