Add custom csrf view openedx#1511 (openedx#1513)

nttks · Dec 1, 2016 · 629bf80 · 629bf80
1 parent c3817d5
commit 629bf80
Show file tree

Hide file tree

Showing 5 changed files with 65 additions and 0 deletions.
diff --git a/ga/conf/locale/ja_JP/LC_MESSAGES/gacco.po b/ga/conf/locale/ja_JP/LC_MESSAGES/gacco.po
@@ -1235,3 +1235,19 @@ msgstr "講座名は{max_length}文字以内で設定してください。"
 #: cms/djangoapps/models/settings/course_metadata.py
 msgid "Course display name, please be up to {max_length} characters."
 msgstr "講座の表示名は{max_length}文字以内で設定してください。"
+
+#: lms/templates/ga_csrf_failure.html
+msgid "The sign in errors are caused by communication line or your browser settings. Please try following method."
+msgstr "通信回線、またはブラウザの設定が原因と思われます。以下の解決方法をお試しください。"
+
+#: lms/templates/ga_csrf_failure.html
+msgid "Close your browser screen once and sign in again after a while. Also confirm a connection state of your communication line."
+msgstr "画面を一旦閉じ、少し時間を置いてから再度ログインしてください。 また、インターネット回線の接続状態を確認してください。"
+
+#: lms/templates/ga_csrf_failure.html
+msgid "Enabling cookie support on your browser."
+msgstr "お使いのブラウザソフトのcookie（クッキー）設定を有効にしてください。"
+
+#: lms/templates/ga_csrf_failure.html
+msgid "If not resolve your sign in problem, please try other browser."
+msgstr "それでも解決しない場合は、他のブラウザでお試しください。"
diff --git a/lms/envs/common.py b/lms/envs/common.py
@@ -2763,5 +2763,8 @@
 ##### Format #####
 FORMAT_MODULE_PATH = ['conf.formats']
 
+##### CSRF #####
+CSRF_FAILURE_VIEW = 'openedx.core.djangoapps.ga_csrf.views.csrf_failure'
+
 ##### Settings for Biz #####
 from biz.envs.common import *
diff --git a/lms/templates/ga_csrf_failure.html b/lms/templates/ga_csrf_failure.html
@@ -0,0 +1,36 @@
+<%!
+from django.utils.translation import ugettext as _
+%>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=utf-8">
+  <title>403 Forbidden</title>
+  <style type="text/css">
+    .login-register .status .message-copy li {
+      margin: 0;
+      list-style: none;
+    }
+    #summary {
+      background: #ffc;
+      padding: 10px;
+    }
+    #summary ol li {
+      list-style-type: decimal;
+    }
+    #summary ol li:not(:first-child) {
+      margin-top: 10px;
+    }
+  </style>
+</head>
+<body>
+<div id="summary">
+  <p>${_("The sign in errors are caused by communication line or your browser settings. Please try following method.")}</p>
+  <ol>
+    <li>${_("Close your browser screen once and sign in again after a while. Also confirm a connection state of your communication line.")}</li>
+    <li>${_("Enabling cookie support on your browser.")}</li>
+  </ol>
+  <p>${_("If not resolve your sign in problem, please try other browser.")}</p>
+</div>
+</body>
+</html>
diff --git a/openedx/core/djangoapps/ga_csrf/__init__.py b/openedx/core/djangoapps/ga_csrf/__init__.py
diff --git a/openedx/core/djangoapps/ga_csrf/views.py b/openedx/core/djangoapps/ga_csrf/views.py
@@ -0,0 +1,10 @@
+"""
+Views for ga_csrf
+"""
+from django.http import HttpResponseForbidden
+
+from edxmako.shortcuts import render_to_response
+
+
+def csrf_failure(request, reason=''):  # pylint: disable=unused-argument
+    return HttpResponseForbidden(render_to_response('ga_csrf_failure.html'))