id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
13549	IE doesn't support cookie's max-age, so the CSRF cookie is not kept	master	nobody	"In django\middleware\csrf.py, class CsrfViewMiddleware, process_response(), the set_cookie() sets a 'max_age' argument but no 'expires' argument.[[BR]]
IE doesn't consider the max-age attribute, so the behaviour is the same as not setting any lifetime to the cookie.

This problem can be solved by the patch proposed in ticket #13548[[BR]]
If that patch is not accepted, then you have to set the parameter yourself, as in the patch attached to this ticket."		closed	HTTP handling	dev		duplicate	csrf, cookie, IE		Unreviewed	1	0	0	0	0	0