71c6c432a5
This was suggested by Nathan Yergler in the bug logs. Just implementing it. - Let render_csrf_form_token return None, if the CSRF_TOKEN is not available in the environ, because the process_request part of the meddleware has not yet run. - In render_template: If the returned value from above is None, then do not add the csrf_token to the templates context.