csrf_protect does not send cookie if view returns TemplateResponse
|Reported by:||Luke Plant||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||yes|
The problem is that
decorator_from_middleware does not render the response the way that normal handling does.
Note that problem will be hidden if
CsrfViewMiddleware is in use.
See also #16003 which is likely related.