[Django] #34953: CSRF verification fails even with CSRF middleware commented out

[Django]

#34953: CSRF verification fails even with CSRF middleware commented out
----------------------------------------+------------------------
Reporter: Fabio Araujo | Owner: nobody
Type: Bug | Status: new
Component: CSRF | Version: 4.2
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
----------------------------------------+------------------------
I'm running Django 4.2.5 in a development environment and the CSRF
middleware is not behaving as expected.

First, it was raising CSRF verification fail even when I knew the requests
were being made from my own application. This happens inconsistently.
Sometimes just by refreshing the page it works.

So I set the CSRF_TRUSTED_ORIGINS to try to get it working. It still
behave the same way, sometimes throwing the exception and sometimes not,
for the same views.

The next thing I tried was to completely bypass the CSRF verification by
commenting out the `django.middleware.csrf.CsrfViewMiddleware`. To my
profound astonishment, it still raises the error even though I thought it
should never even check the CSRF token in the first place.

--
Ticket URL: <https://code.djangoproject.com/ticket/34953>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

[Django]

#34953: CSRF verification fails even with CSRF middleware commented out

------------------------------+--------------------------------------

Reporter: Fabio Araujo | Owner: nobody

Type: Bug | Status: closed
Component: CSRF | Version: 4.2
Severity: Normal | Resolution: invalid

Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

------------------------------+--------------------------------------
Changes (by Natalia Bidart):

* status: new => closed
* resolution: => invalid

Comment:

Hello Fabio, thank you for taking the time to create a ticket.

From your description, it seems that the problem may be a configuration
issue or something specific of your project. This report seems better
suited to be a support request: the best place to get answers to your
issue is using any of the user support channels from
[https://docs.djangoproject.com/en/dev/faq/help/#how-do-i-do-x-why-
doesn-t-y-work-where-can-i-go-to-get-help this link].

Since the goal of this issue tracker is to track issues about Django
itself, and your issue seems, at first, to be located in your custom code,
I'll be closing this ticket as invalid. If, after debugging, you find out
that this is indeed a bug in Django, please re-open with the specific
details and please be sure to include a small Django project to reproduce
or a failing test case.

--
Ticket URL: <https://code.djangoproject.com/ticket/34953#comment:1>