Is the iframe sourced from the same domain as the main page that was requested in the address bar? Is the action for the form pointing at a different domain than the one that generated it?
-James Mobile device could also be caching an incorrect csrf token. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/a2f6a467-5530-44ec-841c-9599e66456bf%40googlegroups.com <https://groups.google.com/d/msgid/django-users/a2f6a467-5530-44ec-841c-9599e66456bf%40googlegroups.com?utm_medium=email&utm_source=footer> . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciUwC7D4YfxT8T%2BYwATYYgfR271MknG8inMpUwBh%3DHGE0Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
