id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 24696 CSRF middleware wastefully calculates new tokens that are never used . Jay Cox nobody "When a client requests a page from a site running the csrf middleware and does not send a csrf cookie - a new CSRF token is generated even if the page does not use the token. This unnecessary token generation can add about 40% to the response time for simple requests. I have created a pull request with a solution that only generates a csrf token when it is going to be used. Git hub pull request: https://github.com/django/django/pull/4550 " Cleanup/optimization closed CSRF 1.8 Normal fixed CSRF performance Ready for checkin 1 0 0 0 0 0