id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
13555	Removing CSRF protection from subclassed django admin sites	Paul Haesler	nobody	"From Django 1.2, removing CSRF protection for a subclassed admin site is difficult and messy.  (Some of my subclassed admin sites use no authentication and allow direct posting from external applications - CSRF protection is therefore inconvenient to say the least). 

It would be nice if there was a clean simple way to completely turn CSRF off in sub-classed admin sites.  E.g:

class MyAdminSite(AdminSite):
     csrf_protection = False "		closed	contrib.admin	1.2-beta		wontfix	csrf		Unreviewed	0	0	0	0	0	0