I've submitted a ticket[1] with two patches as a follow-up to this discussion:
http://groups.google.com/group/django-developers/browse_thread/thread/ca34924871e3c00b/b29cd0e17c010f54?lnk=gst&q=csrf+cookie+haineault#b29cd0e17c010f54 In short, the first patch add a bullet point in the CSRF error page which states that this error can be triggered by disabled cookies. The second patch fixes the middleware itself to make the page show the correct error message if the error is caused by disabled cookies. The error message was already in the django source code, it was just not used. Both are really small patches, but I decided to make two patch to increase the chances that at least the error message gets in for 1.4 final (it's only two lines of HTML). I did not dare to mark it as release blocker, but I do believe it should be in 1.4.. 1. https://code.djangoproject.com/ticket/17732 -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
