> In short, the first patch add a bullet point in the CSRF error page > which states that this > error can be triggered by disabled cookies.
I committed this change. > The second patch fixes the middleware itself to make the page show the > correct error message if the > error is caused by disabled cookies. Your patch didn't pass the test suite, but more importantly, it ties the CSRF protection to the session framework, which is a dependency we have worked hard to avoid. I don't think we can commit anything like your patch, since it actually changes the behavior pretty significantly. -Paul -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
