simonw / django-openid

A modern library for integrating OpenID with Django - incomplete, but really nearly there (promise)

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Django 1.2.1 CSRF protection failes

Markkaz opened this issue · comments

When the context processor django.middleware.csrf.CsrfViewMiddleware from Django 1.2.1 is active, the login form triggers a CSRF attempt error.

Ok, apparently I fixed it by overwriting the login.html template and add {% csrf_token %} to the form. It took me several restarts of the development server before it started working however.

We should recommend adding {% csrf_token %} to the post forms in default templates.

Latest Django has CSRF protection enabled by default