1. ==============

  2. Built-in Views

  3. ==============

  4. 

  5. .. module:: django.views

  6.    :synopsis: Django's built-in views.

  7. 

  8. Several of Django's built-in views are documented in

  9. :doc:`/topics/http/views` as well as elsewhere in the documentation.

  10. 

  11. Serving files in development

  12. ============================

  13. 

  14. .. function:: static.serve(request, path, document_root, show_indexes=False)

  15. 

  16. There may be files other than your project's static assets that, for

  17. convenience, you'd like to have Django serve for you in local development.

  18. The :func:`~django.views.static.serve` view can be used to serve any directory

  19. you give it. (This view is **not** hardened for production use and should be

  20. used only as a development aid; you should serve these files in production

  21. using a real front-end web server).

  22. 

  23. The most likely example is user-uploaded content in :setting:`MEDIA_ROOT`.

  24. ``django.contrib.staticfiles`` is intended for static assets and has no

  25. built-in handling for user-uploaded files, but you can have Django serve your

  26. :setting:`MEDIA_ROOT` by appending something like this to your URLconf::

  27. 

  28.     from django.conf import settings

  29.     from django.urls import re_path

  30.     from django.views.static import serve

  31. 

  32.     # ... the rest of your URLconf goes here ...

  33. 

  34.     if settings.DEBUG:

  35.         urlpatterns += [

  36.             re_path(r'^media/(?P<path>.*)$', serve, {

  37.                 'document_root': settings.MEDIA_ROOT,

  38.             }),

  39.         ]

  40. 

  41. Note, the snippet assumes your :setting:`MEDIA_URL` has a value of

  42. ``'media/'``. This will call the :func:`~django.views.static.serve` view,

  43. passing in the path from the URLconf and the (required) ``document_root``

  44. parameter.

  45. 

  46. Since it can become a bit cumbersome to define this URL pattern, Django

  47. ships with a small URL helper function :func:`~django.conf.urls.static.static`

  48. that takes as parameters the prefix such as :setting:`MEDIA_URL` and a dotted

  49. path to a view, such as ``'django.views.static.serve'``. Any other function

  50. parameter will be transparently passed to the view.

  51. 

  52. .. _error-views:

  53. 

  54. Error views

  55. ===========

  56. 

  57. Django comes with a few views by default for handling HTTP errors. To override

  58. these with your own custom views, see :ref:`customizing-error-views`.

  59. 

  60. .. _http_not_found_view:

  61. 

  62. The 404 (page not found) view

  63. -----------------------------

  64. 

  65. .. function:: defaults.page_not_found(request, exception, template_name='404.html')

  66. 

  67. When you raise :exc:`~django.http.Http404` from within a view, Django loads a

  68. special view devoted to handling 404 errors. By default, it's the view

  69. :func:`django.views.defaults.page_not_found`, which either produces a "Not

  70. Found" message or loads and renders the template ``404.html`` if you created it

  71. in your root template directory.

  72. 

  73. The default 404 view will pass two variables to the template: ``request_path``,

  74. which is the URL that resulted in the error, and ``exception``, which is a

  75. useful representation of the exception that triggered the view (e.g. containing

  76. any message passed to a specific ``Http404`` instance).

  77. 

  78. Three things to note about 404 views:

  79. 

  80. * The 404 view is also called if Django doesn't find a match after

  81.   checking every regular expression in the URLconf.

  82. 

  83. * The 404 view is passed a :class:`~django.template.RequestContext` and

  84.   will have access to variables supplied by your template context

  85.   processors (e.g. ``MEDIA_URL``).

  86. 

  87. * If :setting:`DEBUG` is set to ``True`` (in your settings module), then

  88.   your 404 view will never be used, and your URLconf will be displayed

  89.   instead, with some debug information.

  90. 

  91. .. _http_internal_server_error_view:

  92. 

  93. The 500 (server error) view

  94. ---------------------------

  95. 

  96. .. function:: defaults.server_error(request, template_name='500.html')

  97. 

  98. Similarly, Django executes special-case behavior in the case of runtime errors

  99. in view code. If a view results in an exception, Django will, by default, call

  100. the view ``django.views.defaults.server_error``, which either produces a

  101. "Server Error" message or loads and renders the template ``500.html`` if you

  102. created it in your root template directory.

  103. 

  104. The default 500 view passes no variables to the ``500.html`` template and is

  105. rendered with an empty ``Context`` to lessen the chance of additional errors.

  106. 

  107. If :setting:`DEBUG` is set to ``True`` (in your settings module), then

  108. your 500 view will never be used, and the traceback will be displayed

  109. instead, with some debug information.

  110. 

  111. .. _http_forbidden_view:

  112. 

  113. The 403 (HTTP Forbidden) view

  114. -----------------------------

  115. 

  116. .. function:: defaults.permission_denied(request, exception, template_name='403.html')

  117. 

  118. In the same vein as the 404 and 500 views, Django has a view to handle 403

  119. Forbidden errors. If a view results in a 403 exception then Django will, by

  120. default, call the view ``django.views.defaults.permission_denied``.

  121. 

  122. This view loads and renders the template ``403.html`` in your root template

  123. directory, or if this file does not exist, instead serves the text

  124. "403 Forbidden", as per :rfc:`7231#section-6.5.3` (the HTTP 1.1 Specification).

  125. The template context contains ``exception``, which is the string

  126. representation of the exception that triggered the view.

  127. 

  128. ``django.views.defaults.permission_denied`` is triggered by a

  129. :exc:`~django.core.exceptions.PermissionDenied` exception. To deny access in a

  130. view you can use code like this::

  131. 

  132.     from django.core.exceptions import PermissionDenied

  133. 

  134.     def edit(request, pk):

  135.         if not request.user.is_staff:

  136.             raise PermissionDenied

  137.         # ...

  138. 

  139. .. _http_bad_request_view:

  140. 

  141. The 400 (bad request) view

  142. --------------------------

  143. 

  144. .. function:: defaults.bad_request(request, exception, template_name='400.html')

  145. 

  146. When a :exc:`~django.core.exceptions.SuspiciousOperation` is raised in Django,

  147. it may be handled by a component of Django (for example resetting the session

  148. data). If not specifically handled, Django will consider the current request a

  149. 'bad request' instead of a server error.

  150. 

  151. ``django.views.defaults.bad_request``, is otherwise very similar to the

  152. ``server_error`` view, but returns with the status code 400 indicating that

  153. the error condition was the result of a client operation. By default, nothing

  154. related to the exception that triggered the view is passed to the template

  155. context, as the exception message might contain sensitive information like

  156. filesystem paths.

  157. 

  158. ``bad_request`` views are also only used when :setting:`DEBUG` is ``False``.
About Sign Up Leave Feedback Contact