Make CSRF failures less confusing

[simonw]

A CSRF failure currently returns a confusing error message:

form-urlencoded POST field did not match cookie

Would be good if that at least linked to relevant docs https://docs.datasette.io/en/stable/internals.html#csrf-protection - since these errors are most likely during development.

On Discord here: https://discord.com/channels/823971286308356157/823971286941302908/1273347775165235391

Relevant:

• Ability to customize error messages asgi-csrf#28

[simonw]

I released asgi-csrf 0.10 with a new feature to enable this: https://github.com/simonw/asgi-csrf/releases/tag/0.10

[simonw]

New design:

[simonw]

Ooops... looks like this is served without text/html as the content-type!

[simonw]

Fixed: