zedfrigg/bookwyrm
1
0
Fork 0
Code Activity

always return 403 to POST requests

Browse source 
- POST requests need to receive a 403 error code
- minor wording updates
This commit is contained in:
Hugh Rundle 2023-11-18 13:41:52 +11:00
parent 8ddafafa84
commit a56ba0ce1c
No known key found for this signature in database
GPG key ID: A7E35779918253F9
3 changed files with 10 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
bookwyrm/views/permission_denied.py
View file

@ -1,8 +1,15 @@
"""custom 403 handler to enable context processors"""
from django.http import HttpResponse
from django.template.response import TemplateResponse
from .helpers import is_api_request
def permission_denied(request, exception): # pylint: disable=unused-argument
"""permission denied page"""
if request.method == "POST" or is_api_request(request):
return HttpResponse(status=403)
return TemplateResponse(request, "403.html")