From 72b388bf8d30968c85c876052b7ced6d2cd4e03a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Do=C4=9Fukan=20=C3=9Crker?= <dogukanurker@icloud.com>
Date: Thu, 21 Dec 2023 20:41:00 +0300
Subject: [PATCH] Custom CSRF error page added

---
 app.py                   |  7 ++++++-
 templates/csrfError.html | 11 +++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 templates/csrfError.html

diff --git a/app.py b/app.py
index 89c9a8bc..187434e4 100644
--- a/app.py
+++ b/app.py
@@ -31,7 +31,7 @@
 from routes.adminPanelComments import adminPanelCommentsBlueprint
 from routes.changeProfilePicture import changeProfilePictureBlueprint
 from dbChecker import dbFolder, usersTable, postsTable, commentsTable
-from flask_wtf.csrf import CSRFProtect
+from flask_wtf.csrf import CSRFProtect, CSRFError
 
 dbFolder()
 usersTable()
@@ -56,6 +56,11 @@ def notFound(e):
     return render_template("404.html"), 404
 
 
+@app.errorhandler(CSRFError)
+def handle_csrf_error(e):
+    return render_template("csrfError.html", reason=e.description), 400
+
+
 app.register_blueprint(postBlueprint)
 app.register_blueprint(userBlueprint)
 app.register_blueprint(indexBlueprint)
diff --git a/templates/csrfError.html b/templates/csrfError.html
new file mode 100644
index 00000000..c25ffc69
--- /dev/null
+++ b/templates/csrfError.html
@@ -0,0 +1,11 @@
+{% extends 'layout.html'%} {%block head%}
+<link
+  rel="icon"
+  href="data:image/svg+xml,<svg xmlns=%22http://www.w3.org/2000/svg%22 viewBox=%220 0 100 100%22><text y=%22.9em%22 font-size=%2290%22>🔎</text></svg>"
+/>
+{% endblock head %} {%block body%}
+<div class="errorMessage">
+  <h1>Fill the same form again.</h1>
+  <p>Reason: {{reason}}</p>
+</div>
+{% endblock body %}