Index: django/views/i18n.py
===================================================================
--- django/views/i18n.py	(revision 4664)
+++ django/views/i18n.py	(working copy)
@@ -9,20 +9,24 @@
     """
     Redirect to a given url while setting the chosen language in the
     session or cookie. The url and the language code need to be
-    specified in the GET paramters.
+    specified in the request parameters. As this view may change how
+    the user will see the rest of the site, it must be accessed using
+    a POST request. If a POST request is not used, it should fail
+    gracefully by returning the user to the appropriate place.
     """
-    lang_code = request.GET['language']
-    next = request.GET.get('next', None)
+    next = request.REQUEST.get('next', None)
     if not next:
         next = request.META.get('HTTP_REFERER', None)
     if not next:
         next = '/'
     response = http.HttpResponseRedirect(next)
-    if check_for_language(lang_code):
-        if hasattr(request, 'session'):
-            request.session['django_language'] = lang_code
-        else:
-            response.set_cookie('django_language', lang_code)
+    if request.method == 'POST':
+        lang_code = request.REQUEST.get('language', None)
+        if lang_code and check_for_language(lang_code):
+            if hasattr(request, 'session'):
+                request.session['django_language'] = lang_code
+            else:
+                response.set_cookie('django_language', lang_code)
     return response
 
 NullSource = """
Index: docs/i18n.txt
===================================================================
--- docs/i18n.txt	(revision 4664)
+++ docs/i18n.txt	(working copy)
@@ -547,15 +547,15 @@
 
 (Note that this example makes the view available at ``/i18n/setlang/``.)
 
-The view expects to be called via the ``GET`` method, with a ``language``
-parameter set in the query string. If session support is enabled, the view
-saves the language choice in the user's session. Otherwise, it saves the
-language choice in a ``django_language`` cookie.
+The view expects to be called via the ``POST`` method, with a ``language``
+parameter set in the query string or POST data. If session support is enabled,
+the view saves the language choice in the user's session. Otherwise, it saves
+the language choice in a ``django_language`` cookie.
 
 After setting the language choice, Django redirects the user, following this
 algorithm:
 
-    * Django looks for a ``next`` parameter in the query string.
+    * Django looks for a ``next`` parameter in the query string or POST data.
     * If that doesn't exist, or is empty, Django tries the URL in the
       ``Referer`` header.
     * If that's empty -- say, if a user's browser suppresses that header --
@@ -563,7 +563,7 @@
 
 Here's example HTML template code::
 
-    <form action="/i18n/setlang/" method="get">
+    <form action="/i18n/setlang/" method="post">
     <input name="next" type="hidden" value="/next/page/" />
     <select name="language">
     {% for lang in LANGUAGES %}