I've just found the root cause of the problem.
The bug occurs when using ListView (I haven't tested other CBV though) and decorating it with cache_page and csrf_protect.
I've tested it with a new clean project and left settings.py as a default.
The simple code I used to test is as follows:
urls.py (excerpt): url(r'safe/$', cache_page(1800)(csrf_protect(SafeView.as_view()))),
url(r'bug/$', cache_page(1800)(csrf_protect(BugView.as_view()))),
views.py:
from django.template import RequestContext
from django.views.generic import View, ListView
class SafeView(View):
template_name = 'basic/index.html'
def get(self, request):
return render_to_response('basic/index.html', {'msg': 'Hello, world'}, context_instance=RequestContext(request))
class BugView(ListView):
template_name = 'basic/index.html'
queryset = []
template (basic/index.html):Today message: {{ msg }}<br>{% csrf_token %}
I kept reloading the SafeView page (20+ times) and the bug didn't occur.
You should try reloading the BugView page and the bug will occur within 10 reloading times.
> To post to this group, send email to django-developers@googlegroups.com.
> To unsubscribe from this group, send email to
> django-developers+unsubscribe@googlegroups.com.