What's the safest way to change the Access Denied header and subsequent message that will allow for core updates?

Comments

cog.rusty’s picture

g10tto’s picture

Any idea where "Access Denied" is stored...?

cog.rusty’s picture

Sure. The "Access denied" string is in includes/common.inc.

g10tto’s picture

I originally asked because it wasn't working for me, but little did I know in February, that it's necessary to flush caches from time to time if your page is mostly compressed.

String Override works perfectly.

fehin’s picture

subscribing

zbricoleur’s picture

You can specify a different default page for Access Denied (403) at admin/settings/error-reporting. I don't know if it actually sends a 403 header or not; I don't know where to change that if it does.

executex’s picture

What I usually do is redirect Access Denied under Error reporting tooooo.... user/login

However, it would be nice to be able to do something like add a message:
user/login?msg=Sorry, this page requires logging in.

Anyone know if this is possible or if theres a module for this?

jonahruh’s picture

Where in login toboggin can i change the access denied message?

zbricoleur’s picture

Sorry, that was misleading. What I meant was that Logintoboggan provides a message to that effect on the login page. Actually, it says "Access denied. You may need to login below or register to access this page." There is no setting that allows you to change the wording, though the message is wrapped in the t function so you could use a translation or, better, cog.rusty's suggestion (above) of the string overrides module.