id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
14222	csrf_exempt decorator is useless if not the top-most decorator	"Joshua ""jag"" Ginsberg <jag@…>"	nobody	If a view has multiple decorators and @csrf_exempt is not the top-most, it does not make the view CSRF-exempt. I would expect that anywhere in the decorator chain, the effect would be the same.		closed	Uncategorized	1.2		invalid			Unreviewed	0	0	0	0	0	0