Closed yarwelp closed 9 years ago
We could of course provide our own logout view, e.g. wrapping the Django logout view, which would ensure that the request was POST and not GET and show a warning with a submit form to log out but I think this is something that should be fixed in Django itself.
Added to the 1.0.0 milestone. Might postpone.
Currently the way of doing logout with Django is with GET.
https://code.djangoproject.com/ticket/15619