1

How can I find out who is responsible for Django's CSRF middleware so I could ask them questions?

I'm having so many CSRF failures for months on my Django site and it is costing me hours and hours of problems every few weeks. I want to contact the developers who worked on it to ask them one or two root questions about the problems I'm having.

I put up several other posts about the problems that never get satisfactory answers, but that do result in a few work arounds:
Django CSRF framework cannot be disabled and is breaking my site
Django CSRF Framework having many failures
Tons of false positives from Django's CSRF middleware?
For Django's CSRF failure middleware, how can you get the CSRF errors to report what URL is failing?

Some other people are having the same types of frustrations: Completely disable Django's CSRF protection in SVN Trunk

Community
  • 1
  • 1
MikeN
  • 45,039
  • 49
  • 151
  • 227
  • Finding contact information for a person is not really a programming question... – Guffa Jan 06 '10 at 01:49
  • Well they are contributors to an open source project. They must be listed somewhere in the code or the django community. – MikeN Jan 06 '10 at 02:16
  • 1
    Why don't you post your problem here? Lots of people are using CSRF middleware without any problems. Which version of django are you using? – Will Hardy Jan 06 '10 at 02:20
  • How many thousands of dollars are they saving you by providing you with a free framework? – brianz Jan 06 '10 at 03:32

2 Answers2

5

CSRF protection is being re-worked for Django 1.2. See the community wiki page CsrfProtection that discusses the current limitations and proposals for re-working. Personally I'm thinking about moving ahead and using Simon Willison's django-safeform project as a temporary solution until 1.2 is released.

Van Gale
  • 43,536
  • 9
  • 71
  • 81
3

I've said this before, but you should not be using trunk for production projects. Use the stable release, and you won't have any problems.

Daniel Roseman
  • 588,541
  • 66
  • 880
  • 895