Open fwenzel opened 13 years ago
We should use LocMem cache by default, as it's fast and avoids writes to the disk. Django's actual dummy cache won't work because it doesn't actually store anything.
Of course, we can add memcached to our default/base playdoh vagrant VM and use that going forward.
Yes, memcache in vagrant wfm, but it should also work without. Good call on the dummy vs. locmem cache. The latter is the one I meant :)
What are the symptoms of this? I can't seem to replicate the problem: on a fresh funfactory-created playdoh app, the bleach form contains an anonymous CSRF token and works fine, and setting ANON_ALWAYS = True in settings/local.py doesn't seem to cause any problems. Is it possible a change in session_csrf has fixed this issue in the last 8 months?
(I'm curious about this because my browserid code needs ANON_ALWAYS = True to work, but that's been highlighted as a possible roadblock due to this issue.)
Anonymous, session-based CSRF is broken by default in PLaydoh, unless you set up caching properly. That sucks.
Let's configure/turn on/something a dummy/local memory cache by default so anonymous CSRF has a chance of working out of the box.