[1.2.X] Patch CSRF-protection system to deal with reported security issue. Announcement and details to follow. Backport of [13698] from trunk.

      git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@13699 bcc190cf-cafb-0310-a4f2-bffc1f526a37