Fix side effects with csrf token, add csrf_token to every post form + add ajax (see http://stackoverflow.com/questions/5100539/django-csrf-check-failing-with-an-ajax-post-request), remove django.middleware.csrf.CsrfViewMiddleware ?!
{% if flash.message %}
<script type="text/javascript">
<!--
$(function() {
enqueueMsg('{{ flash.message }}');
}) ;
-->
</script>
<div id="t-msg-wrapper" class="message" style="top:30px;left:30px; position:absolute;"></div>
{% endif %}