I've released some small updates to my 'Django validator app' and 'CsrfMiddleware'. The main changes are:
added a setup.py to both of them, after working out how these work and a lot of fiddling around.
added support for mod_python to the validator app (thanks nesh)
added a setting to allow the validator to ignore certain paths.
Get them here:
I've also discovered that my CsrfMiddleware is currently number 6 in a google
search for Cross Site Request Forgery, which is rather pleasing, or
perhaps it just tells you how little there is on the web about this exploit.