csrf_token cookie deleted by another site?
I have a Django site running on 1.2.1, and once in a while my users lose a lot of work because the csrf_token cookie does not exist and the page errors out with a 403 error on post. I narrowed this down to another site (that my users frequent) deleting the cookie on me. The site does this with the ActiveX ClearAuthenticationCache command.
Is there any solution to this problem other than removing the CSRF protection?
Thanks, Pete
You can use the fact that the required value of the cookie is still present in the page, and use JavaScript to re-create the cookie just before submitting. Hook to the submit button click, and add something like:
// Django's default CSRF cookie name is "csrftoken"; path=/ makes it apply to every URL on the site
document.cookie = 'csrftoken=' + $("input[name='csrfmiddlewaretoken']").val() + '; path=/';
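A fuller version of the approach in the answer above, as an added example that is not part of the original post: it restores the cookie only when it is missing, and only from a field value shaped like a Django token. The cookie name `csrftoken` (Django's default), the 32 to 64 character alphanumeric token shape, and the function names `readCookie` and `csrfCookieToRestore` are assumptions of this example.

```javascript
// Added example, not code from the original answer.
// Assumed names: Django's default cookie "csrftoken" and field "csrfmiddlewaretoken".
const CSRF_COOKIE = 'csrftoken';
const CSRF_FIELD = 'csrfmiddlewaretoken';

// Return the value of cookie `name` from a document.cookie-style string, or null.
function readCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue;
    if (part.slice(0, eq).trim() === name) return part.slice(eq + 1).trim();
  }
  return null;
}

// Decide what to assign to document.cookie before a POST.
// Returns the assignment string, or null when nothing should be written.
function csrfCookieToRestore(cookieString, formToken) {
  // Accept only a token-shaped value (assumed: 32-64 alphanumerics), so that
  // arbitrary field content such as "x; domain=..." never reaches the cookie.
  if (typeof formToken !== 'string' || !/^[A-Za-z0-9]{32,64}$/.test(formToken)) {
    return null;
  }
  // An existing cookie is left untouched; this handles only the
  // deleted-cookie case described in the question.
  if (readCookie(cookieString, CSRF_COOKIE) !== null) return null;
  return CSRF_COOKIE + '=' + formToken + '; path=/';
}

// Browser wiring: check every form just before it is submitted.
if (typeof document !== 'undefined') {
  document.addEventListener('submit', function (event) {
    const field = event.target.querySelector('input[name="' + CSRF_FIELD + '"]');
    if (!field) return; // form carries no CSRF token (e.g. a GET form)
    const assignment = csrfCookieToRestore(document.cookie, field.value);
    if (assignment) document.cookie = assignment;
  }, true);
}
```

Forms submitted from script with `form.submit()` do not fire the `submit` event, so they are not covered by this listener.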