2019-01-04 10:21:55 +08:00
|
|
|
from urllib.parse import quote
|
|
|
|
|
2017-02-25 14:48:20 +08:00
|
|
|
from django.http import (
|
|
|
|
HttpResponseBadRequest,
|
|
|
|
HttpResponseForbidden,
|
|
|
|
HttpResponseNotFound,
|
|
|
|
HttpResponseServerError,
|
|
|
|
)
|
2015-01-28 20:35:27 +08:00
|
|
|
from django.template import Context, Engine, TemplateDoesNotExist, loader
|
2010-10-28 19:47:15 +08:00
|
|
|
from django.views.decorators.csrf import requires_csrf_token
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2015-11-08 00:24:07 +08:00
|
|
|
ERROR_404_TEMPLATE_NAME = "404.html"
|
|
|
|
ERROR_403_TEMPLATE_NAME = "403.html"
|
|
|
|
ERROR_400_TEMPLATE_NAME = "400.html"
|
|
|
|
ERROR_500_TEMPLATE_NAME = "500.html"
|
2019-06-06 02:12:21 +08:00
|
|
|
ERROR_PAGE_TEMPLATE = """
|
|
|
|
<!doctype html>
|
|
|
|
<html lang="en">
|
|
|
|
<head>
|
|
|
|
<title>%(title)s</title>
|
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<h1>%(title)s</h1><p>%(details)s</p>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
"""
|
2015-11-08 00:24:07 +08:00
|
|
|
|
2010-10-28 19:47:15 +08:00
|
|
|
|
2021-02-25 04:32:37 +08:00
|
|
|
# These views can be called when CsrfViewMiddleware.process_view() not run,
|
2011-08-12 22:15:31 +08:00
|
|
|
# therefore need @requires_csrf_token in case the template needs
|
|
|
|
# {% csrf_token %}.
|
2021-02-25 04:32:37 +08:00
|
|
|
|
|
|
|
|
2010-10-28 19:47:15 +08:00
|
|
|
@requires_csrf_token
|
2015-11-08 00:24:07 +08:00
|
|
|
def page_not_found(request, exception, template_name=ERROR_404_TEMPLATE_NAME):
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2008-06-16 11:41:03 +08:00
|
|
|
Default 404 handler.
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2012-06-27 09:17:15 +08:00
|
|
|
Templates: :template:`404.html`
|
2006-05-02 09:31:56 +08:00
|
|
|
Context:
|
|
|
|
request_path
|
2019-01-04 10:21:55 +08:00
|
|
|
The path of the requested URL (e.g., '/app/pages/bad_page/'). It's
|
|
|
|
quoted to prevent a content injection attack.
|
2015-04-22 03:54:00 +08:00
|
|
|
exception
|
|
|
|
The message from the exception which triggered the 404 (if one was
|
|
|
|
supplied), or the exception class name
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2015-04-22 03:54:00 +08:00
|
|
|
exception_repr = exception.__class__.__name__
|
|
|
|
# Try to get an "interesting" exception message, if any (and not the ugly
|
|
|
|
# Resolver404 dictionary)
|
|
|
|
try:
|
|
|
|
message = exception.args[0]
|
|
|
|
except (AttributeError, IndexError):
|
|
|
|
pass
|
|
|
|
else:
|
2016-12-29 23:27:49 +08:00
|
|
|
if isinstance(message, str):
|
2015-04-22 03:54:00 +08:00
|
|
|
exception_repr = message
|
|
|
|
context = {
|
2019-01-04 10:21:55 +08:00
|
|
|
"request_path": quote(request.path),
|
2015-04-22 03:54:00 +08:00
|
|
|
"exception": exception_repr,
|
|
|
|
}
|
2012-10-01 05:16:14 +08:00
|
|
|
try:
|
|
|
|
template = loader.get_template(template_name)
|
2015-01-08 22:03:43 +08:00
|
|
|
body = template.render(context, request)
|
2018-12-28 08:49:03 +08:00
|
|
|
content_type = None # Django will use 'text/html'.
|
2012-10-01 05:16:14 +08:00
|
|
|
except TemplateDoesNotExist:
|
2015-11-08 00:24:07 +08:00
|
|
|
if template_name != ERROR_404_TEMPLATE_NAME:
|
|
|
|
# Reraise if it's a missing custom template.
|
|
|
|
raise
|
2019-01-16 23:19:56 +08:00
|
|
|
# Render template (even though there are no substitutions) to allow
|
|
|
|
# inspecting the context in tests.
|
2015-01-08 22:03:43 +08:00
|
|
|
template = Engine().from_string(
|
2019-06-06 02:12:21 +08:00
|
|
|
ERROR_PAGE_TEMPLATE
|
|
|
|
% {
|
|
|
|
"title": "Not Found",
|
|
|
|
"details": "The requested resource was not found on this server.",
|
|
|
|
},
|
|
|
|
)
|
2015-01-08 22:03:43 +08:00
|
|
|
body = template.render(Context(context))
|
2013-08-04 17:01:01 +08:00
|
|
|
content_type = "text/html"
|
2017-02-25 14:48:20 +08:00
|
|
|
return HttpResponseNotFound(body, content_type=content_type)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2010-10-28 19:47:15 +08:00
|
|
|
|
|
|
|
@requires_csrf_token
|
2015-11-08 00:24:07 +08:00
|
|
|
def server_error(request, template_name=ERROR_500_TEMPLATE_NAME):
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2005-11-11 12:45:05 +08:00
|
|
|
500 error handler.
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2012-06-27 09:17:15 +08:00
|
|
|
Templates: :template:`500.html`
|
2005-07-13 09:25:57 +08:00
|
|
|
Context: None
|
|
|
|
"""
|
2012-10-01 05:16:14 +08:00
|
|
|
try:
|
|
|
|
template = loader.get_template(template_name)
|
|
|
|
except TemplateDoesNotExist:
|
2015-11-08 00:24:07 +08:00
|
|
|
if template_name != ERROR_500_TEMPLATE_NAME:
|
|
|
|
# Reraise if it's a missing custom template.
|
|
|
|
raise
|
2019-06-06 02:12:21 +08:00
|
|
|
return HttpResponseServerError(
|
|
|
|
ERROR_PAGE_TEMPLATE % {"title": "Server Error (500)", "details": ""},
|
|
|
|
content_type="text/html",
|
|
|
|
)
|
2017-02-25 14:48:20 +08:00
|
|
|
return HttpResponseServerError(template.render())
|
2008-09-10 13:56:34 +08:00
|
|
|
|
2010-10-28 19:47:15 +08:00
|
|
|
|
2013-05-16 07:14:28 +08:00
|
|
|
@requires_csrf_token
|
2015-11-08 00:24:07 +08:00
|
|
|
def bad_request(request, exception, template_name=ERROR_400_TEMPLATE_NAME):
|
2013-05-16 07:14:28 +08:00
|
|
|
"""
|
|
|
|
400 error handler.
|
|
|
|
|
|
|
|
Templates: :template:`400.html`
|
|
|
|
Context: None
|
|
|
|
"""
|
|
|
|
try:
|
|
|
|
template = loader.get_template(template_name)
|
|
|
|
except TemplateDoesNotExist:
|
2015-11-08 00:24:07 +08:00
|
|
|
if template_name != ERROR_400_TEMPLATE_NAME:
|
|
|
|
# Reraise if it's a missing custom template.
|
|
|
|
raise
|
2019-06-06 02:12:21 +08:00
|
|
|
return HttpResponseBadRequest(
|
|
|
|
ERROR_PAGE_TEMPLATE % {"title": "Bad Request (400)", "details": ""},
|
|
|
|
content_type="text/html",
|
|
|
|
)
|
2015-04-22 03:54:00 +08:00
|
|
|
# No exception content is passed to the template, to not disclose any
|
|
|
|
# sensitive information.
|
2017-02-25 14:48:20 +08:00
|
|
|
return HttpResponseBadRequest(template.render())
|
2013-05-16 07:14:28 +08:00
|
|
|
|
|
|
|
|
2011-08-12 22:15:31 +08:00
|
|
|
@requires_csrf_token
|
2015-11-08 00:24:07 +08:00
|
|
|
def permission_denied(request, exception, template_name=ERROR_403_TEMPLATE_NAME):
|
2011-08-12 22:15:31 +08:00
|
|
|
"""
|
|
|
|
Permission denied (403) handler.
|
|
|
|
|
2012-06-27 09:17:15 +08:00
|
|
|
Templates: :template:`403.html`
|
2021-02-25 04:32:37 +08:00
|
|
|
Context:
|
|
|
|
exception
|
|
|
|
The message from the exception which triggered the 403 (if one was
|
|
|
|
supplied).
|
2011-08-12 22:15:31 +08:00
|
|
|
|
|
|
|
If the template does not exist, an Http403 response containing the text
|
2016-05-02 20:35:05 +08:00
|
|
|
"403 Forbidden" (as per RFC 7231) will be returned.
|
2011-08-12 22:15:31 +08:00
|
|
|
"""
|
|
|
|
try:
|
|
|
|
template = loader.get_template(template_name)
|
|
|
|
except TemplateDoesNotExist:
|
2015-11-08 00:24:07 +08:00
|
|
|
if template_name != ERROR_403_TEMPLATE_NAME:
|
|
|
|
# Reraise if it's a missing custom template.
|
|
|
|
raise
|
2019-06-06 02:12:21 +08:00
|
|
|
return HttpResponseForbidden(
|
|
|
|
ERROR_PAGE_TEMPLATE % {"title": "403 Forbidden", "details": ""},
|
|
|
|
content_type="text/html",
|
|
|
|
)
|
2017-02-25 14:48:20 +08:00
|
|
|
return HttpResponseForbidden(
|
2017-04-22 01:52:26 +08:00
|
|
|
template.render(request=request, context={"exception": str(exception)})
|
2015-04-22 03:54:00 +08:00
|
|
|
)
|