id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
22185	CSRF cookie should be configurable	rogerhu	nobody	"Internet Explorer has the ability to block/disable persistent cookies (http://support.microsoft.com/kb/196955), and corruption of the index.dat cache
(i.e. disk errors that need to be repaired via CHKDSK) can cause Django sites to authenticate correctly but fail to do FORM POST's.  To
avoid this behavior, provide the option to configure the CSRF cookie age so that cookies can be configured to be persistent or session-based.

Changes (including test and documentation) are included here:

https://github.com/django/django/pull/2387/files
    
"	New feature	closed	CSRF	dev	Normal	fixed			Unreviewed	1	0	0	0	0	0