Hey everyone!
I noticed today that CSRF_FAILURE_VIEW is used even when DEBUG=False. I'm not sure why this is so and I think it would make much more sense to use default 403 handling when DEBUG=False.
I checked the ticket where this was initially added, to see if there was a particular reason for it.
I could only find one comment related to this. And although it says 'Helpful 403 page if DEBUG is True' that's not really the case.
I wanted to check here if there is a reason for this behaviour before opening a ticket for it.
Have a great weekend :)
Žan