Avoids HTTP 403 on login and reset/change password, seehttps://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf.
--- a/src/cm/templates/site/profile_pw.html Thu May 17 23:58:03 2012 +0200
+++ b/src/cm/templates/site/profile_pw.html Fri May 18 00:07:32 2012 +0200
@@ -19,7 +19,7 @@
<li class="active_sub">{% blocktrans %}Password{% endblocktrans %}</li>
</ul>
-<form id="profile" enctype="multipart/form-data" class="wizard-form" action="." method="post">
+<form id="profile" enctype="multipart/form-data" class="wizard-form" action="." method="post">{% csrf_token %}
<table class="wide_form">
<tbody>
{% for form in forms %}
@@ -36,4 +36,4 @@
</tbody>
</table>
</form>
-{% endblock %}
\ No newline at end of file
+{% endblock %}