Django - custom 403 template
You need to use 403_csrf.html
.
For regular 403 permission denied pages, creating the 403.html
template should work.
However, for CSRF errors (which also return status code 403), you should create a 403_csrf.html
template instead.
Creating a 403_csrf.html
template works in Django 1.10+. For earlier versions, you had to change the CSRF_FAILURE_VIEW
setting to the view you want to use.
See the CSRF docs for more info.
There was a discussion about why the CSRF failure view behaves differently in the Django-developers mailing list this week.