@@ -557,6 +558,9 @@ make backup-verify BACKUP_DIR=backups/backup_YYYYmmdd_HHMMSS
The LAN test deployment intentionally uses DJANGO_DEBUG=1 in .env.test because the security checks correctly reject insecure cookie settings when DEBUG=0 and the deployment is still plain HTTP behind a local test topology. This is acceptable for the test box only. Production must run with HTTPS and DEBUG=0.
+
+ If you still want branded wrong-URL and permission pages on the LAN test server while keeping DJANGO_DEBUG=1, enable FORCE_BRANDED_ERROR_PAGES=1 in .env.test. Full branded 500 behavior still requires DEBUG=0, which remains the correct production-style setup.
+
18) Deployment
Test server stack
diff --git a/backend/workflows/templates/workflows/errors/error_page.html b/backend/workflows/templates/workflows/errors/error_page.html
new file mode 100644
index 0000000..c3340c2
--- /dev/null
+++ b/backend/workflows/templates/workflows/errors/error_page.html
@@ -0,0 +1,31 @@
+{% extends 'workflows/base_shell.html' %}
+{% load i18n %}
+
+{% block title %}{{ error_title }}{% endblock %}
+
+{% block shell_body %}
+ {% include 'workflows/includes/app_header.html' with header_show_home=1 header_inside_shell=1 %}
+
+
+
+
+
{% trans "Fehlerseite" %}
+
{{ error_heading }}
+
{{ error_message }}
+
+
+ {{ error_code }}
+ {% trans "Status" %}
+
+
+
+{% endblock %}
diff --git a/backend/workflows/tests/error_test_urls.py b/backend/workflows/tests/error_test_urls.py
new file mode 100644
index 0000000..512345a
--- /dev/null
+++ b/backend/workflows/tests/error_test_urls.py
@@ -0,0 +1,28 @@
+from django.core.exceptions import PermissionDenied
+from django.http import HttpResponse
+from django.urls import include, path
+
+
+def ok_view(request):
+ return HttpResponse('ok')
+
+
+def deny_view(request):
+ raise PermissionDenied('forbidden')
+
+
+def explode_view(request):
+ raise RuntimeError('boom')
+
+
+handler400 = 'workflows.error_views.bad_request'
+handler403 = 'workflows.error_views.permission_denied'
+handler404 = 'workflows.error_views.not_found'
+handler500 = 'workflows.error_views.server_error'
+
+urlpatterns = [
+ path('healthz/', ok_view, name='healthz'),
+ path('raise-403/', deny_view, name='raise_403'),
+ path('raise-500/', explode_view, name='raise_500'),
+ path('', include('workflows.urls')),
+]
diff --git a/backend/workflows/tests/test_error_pages.py b/backend/workflows/tests/test_error_pages.py
new file mode 100644
index 0000000..eebd2b8
--- /dev/null
+++ b/backend/workflows/tests/test_error_pages.py
@@ -0,0 +1,62 @@
+from django.test import Client, RequestFactory, TestCase, override_settings
+
+from workflows.error_views import csrf_failure
+
+
+@override_settings(
+ DEBUG=False,
+ ROOT_URLCONF='workflows.tests.error_test_urls',
+ ALLOWED_HOSTS=['testserver'],
+)
+class ErrorPageTests(TestCase):
+ def setUp(self):
+ self.client = Client()
+ self.client.raise_request_exception = False
+
+ def test_custom_404_page_is_rendered(self):
+ response = self.client.get('/missing-page/')
+
+ self.assertEqual(response.status_code, 404)
+ self.assertTemplateUsed(response, 'workflows/errors/error_page.html')
+ self.assertContains(response, '404', status_code=404)
+
+ def test_custom_403_page_is_rendered(self):
+ response = self.client.get('/raise-403/')
+
+ self.assertEqual(response.status_code, 403)
+ self.assertTemplateUsed(response, 'workflows/errors/error_page.html')
+ self.assertContains(response, '403', status_code=403)
+
+ def test_custom_500_page_is_rendered(self):
+ response = self.client.get('/raise-500/')
+
+ self.assertEqual(response.status_code, 500)
+ self.assertTemplateUsed(response, 'workflows/errors/error_page.html')
+ self.assertContains(response, '500', status_code=500)
+
+ def test_csrf_failure_view_uses_custom_400_page(self):
+ request = RequestFactory().post('/test/')
+
+ response = csrf_failure(request)
+
+ self.assertEqual(response.status_code, 400)
+ self.assertContains(response, '400', status_code=400)
+
+
+@override_settings(
+ DEBUG=True,
+ FORCE_BRANDED_ERROR_PAGES=True,
+ ROOT_URLCONF='workflows.tests.error_test_urls',
+ ALLOWED_HOSTS=['testserver'],
+)
+class ForcedBrandedErrorPageTests(TestCase):
+ def setUp(self):
+ self.client = Client()
+ self.client.raise_request_exception = False
+
+ def test_missing_url_uses_branded_404_even_with_debug_enabled(self):
+ response = self.client.get('/missing-page/')
+
+ self.assertEqual(response.status_code, 404)
+ self.assertTemplateUsed(response, 'workflows/errors/error_page.html')
+ self.assertContains(response, '404', status_code=404)
diff --git a/backend/workflows/urls.py b/backend/workflows/urls.py
index ad0aa73..7971322 100644
--- a/backend/workflows/urls.py
+++ b/backend/workflows/urls.py
@@ -1,6 +1,6 @@
-from django.urls import path
+from django.urls import path, re_path
-from . import views
+from . import error_views, views
urlpatterns = [
path('healthz/', views.healthz, name='healthz'),
@@ -65,4 +65,5 @@ urlpatterns = [
path('requests/delete/
//', views.delete_request_from_dashboard, name='delete_request_from_dashboard'),
path('requests/retry///', views.retry_request_from_dashboard, name='retry_request_from_dashboard'),
path('requests/timeline///', views.request_timeline_page, name='request_timeline_page'),
+ re_path(r'^.*$', error_views.not_found, name='not_found_fallback'),
]