Index: django/contrib/csrf/middleware.py
===================================================================
--- django/contrib/csrf/middleware.py	(revision 9077)
+++ django/contrib/csrf/middleware.py	(working copy)
@@ -90,5 +90,11 @@
                 "' /></div>")
 
             # Modify any POST forms
-            response.content = _POST_FORM_RE.sub(add_csrf_field, response.content)
+            (response.content, modified) = _POST_FORM_RE.subn(
+                add_csrf_field, response.content)
+            
+            # if we modified the content, remove any ETag set previously
+            if modified:
+                del response['ETag']
+                
         return response
Index: docs/ref/contrib/csrf.txt
===================================================================
--- docs/ref/contrib/csrf.txt	(revision 9077)
+++ docs/ref/contrib/csrf.txt	(working copy)
@@ -25,8 +25,9 @@
 Add the middleware ``'django.contrib.csrf.middleware.CsrfMiddleware'`` to
 your list of middleware classes, :setting:`MIDDLEWARE_CLASSES`. It needs to process
 the response after the SessionMiddleware, so must come before it in the
-list. It also must process the response before things like compression
-happen to the response, so it must come after GZipMiddleware in the list.
+list. It also must process the response before things like compression or 
+setting of ETags happen to the response, so it must come after GZipMiddleware, 
+CommonMiddleware, and ConditionalGetMiddleware in the list.
 
 How it works
 ============