csrf_protect does not send cookie if view returns TemplateResponse
|Reported by:||lukeplant||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||yes|
The problem is that decorator_from_middleware does not render the response the way that normal handling does.
Note that problem will be hidden if CsrfViewMiddleware is in use.
See also #16003 which is likely related.
Change History (12)
comment:7 Changed 4 years ago by lukeplant
- Resolution set to fixed
- Status changed from new to closed