Django 1.2.1 CSRF protection failes
Markkaz opened this issue · comments
When the context processor django.middleware.csrf.CsrfViewMiddleware from Django 1.2.1 is active, the login form triggers a CSRF attempt error.
Ok, apparently I fixed it by overwriting the login.html template and add {% csrf_token %} to the form. It took me several restarts of the development server before it started working however.
We should recommend adding {% csrf_token %} to the post forms in default templates.
Latest Django has CSRF protection enabled by default