# DJG200

Django middleware is missing `CsrfViewMiddleware`, which blocks cross-site request forgery

## Fixes

Add `'django.middleware.csrf.CsrfViewMiddleware'` to `MIDDLEWARE` in Django settings

## See Also

* [Django Documentation on CsrfViewMiddleware](https://docs.djangoproject.com/en/2.2/ref/middleware/#django.middleware.csrf.CsrfViewMiddleware)