I have a django site that is hosted on xyz.mysite.com. Parent site mysite.com which I do not own or control sets up a cookie with value [XX]v3|[XXX]
. This causes my site to return the error CSRF cookie not set.
This happened because django/middleware/csrf.py csrf_token
value is set to none when the user tries to log in.
If I delete the square braces from the the cookie value set by mysite.com it works fine.
Any idea how to avoid this issue. I am using django 1.5.12 which I cannot upgrade.
This is a python 2.7.9 bug. It is fixed in 2.7.10 https://hg.python.org/cpython/rev/2a7b0e145945