diff --git a/error.go b/error.go
index ab626247..b913db39 100644
--- a/error.go
+++ b/error.go
@@ -252,6 +252,30 @@ func forbidden(rw http.ResponseWriter, r *http.Request) {
)
}
+// show 422 missing xsrf token
+func missingxsrf(rw http.ResponseWriter, r *http.Request) {
+ responseError(rw, r,
+ 422,
+ "
The page you have requested is forbidden."+
+ "
Perhaps you are here because:"+
+ "
"+
+ "
'_xsrf' argument missing from POST"+
+ "
",
+ )
+}
+
+// show 417 invalid xsrf token
+func invalidxsrf(rw http.ResponseWriter, r *http.Request) {
+ responseError(rw, r,
+ 417,
+ "
The page you have requested is forbidden."+
+ "
Perhaps you are here because:"+
+ "
"+
+ "
expected XSRF not found"+
+ "
",
+ )
+}
+
// show 404 not found error.
func notFound(rw http.ResponseWriter, r *http.Request) {
responseError(rw, r,
diff --git a/hooks.go b/hooks.go
index 0fddc82f..c5ec8e2d 100644
--- a/hooks.go
+++ b/hooks.go
@@ -32,6 +32,8 @@ func registerDefaultErrorHandler() error {
"502": badGateway,
"503": serviceUnavailable,
"504": gatewayTimeout,
+ "417": invalidxsrf,
+ "422": missingxsrf,
}
for e, h := range m {
if _, ok := ErrorMaps[e]; !ok {