Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37

docs/releases/1.4.txt

@@ -261,6 +261,11 @@ Django 1.4 also includes several smaller improvements worth noting:
 * It is now possible to load fixtures containing forward references when using
   MySQL with the InnoDB database engine.
 
+* A new 403 response handler has been added as
+  ``'django.views.defaults.permission_denied'``. See the documentation
+  about :ref:`the 403 (HTTP Forbidden) view<http_forbidden_view>` for more
+  information.
+
 .. _backwards-incompatible-changes-1.4:
 
 Backwards incompatible changes in 1.4

docs/topics/http/views.txt

@@ -197,3 +197,24 @@ Two things to note about 500 views:
     * If :setting:`DEBUG` is set to ``True`` (in your settings module), then
       your 500 view will never be used, and the traceback will be displayed
       instead, with some debug information.
+
+.. _http_forbidden_view:
+
+The 403 (HTTP Forbidden) view
+----------------------------
+
+.. versionadded:: 1.4
+
+In the same vein as the 404 and 500 views, Django has a view to handle 403
+Forbidden errors. If a view results in a 403 exception then Django will, by
+default, call the view ``django.views.defaults.permission_denied``.
+
+This view loads and renders the template ``403.html`` in your root template
+directory, or if this file does not exist, instead serves the text
+"403 Forbidden", as per RFC 2616 (the HTTP 1.1 Specification).
+
+It is possible to override ``django.views.defaults.permission_denied`` in the
+same way you can for the 404 and 500 views by specifying a ``handler403`` in
+your URLconf::
+
+    handler403 = 'mysite.views.my_custom_permission_denied_view'