def bad_csrf_token(context: BadCSRFToken, request: Request):
"""User friendly error page about bad CSRF token."""
# Log this as a warning
session = request.session
token = session.get_csrf_token()
logger.warn("Bad CSRF error: session: %s IP: %s cookie: %s user agent: %s", request.session.session_id, request.client_addr, token, request.user_agent)
html = render('core/badcsrftoken.html', {}, request=request)
resp = Response(html)
resp.status_code = 400
# Hint pyramid_redis_session not to generate any session cookies for this response
resp.cache_control.public = True
# Make sure nothing is written or no transaction left open on 500
request.tm.abort()
return resp
评论列表
文章目录
