1. Shu Zong Chen
  2. django-facebook-comments
  3. Issues
Issue #4 new

CSRF token sometimes not available for recache view

Kevin McCarthy
created an issue

If you are using varnish to cache your site, you often disable setting cookies. If the cookies are stripped out of the request, the CSRF token won't get sent to the recache view. Adding @csrf_exempt to the recache view fixes this problem, but this could potentially introduce a security problem (people could DDOS your site?)

Comments (0)

  1. Log in to comment