Blog Take care of Django comments and per-site caching

Django's comment systems adds an anti-spam feature that prevents "reply attacks" based on a timestamp. What does that mean? The comment form generates a hidden input field containing the current timestamp:

<input type="hidden" name="timestamp" value="1249296113" />

If a user (most likely a spam bot) tries to submit this comment form value after 2 hours, the comment gets blocked and a CommentPostBadRequest is returned (which is basically a HTTP 400 error).

I think this is a useful behaviour but, unfortunately, it breaks with my site design. All weblog detail views are cached for a very long time (currently 7 days), with it the comment form and and so the generated timestamp is practically always expired.

Disabling the timestamp check

What I did is that I disabled the timestamp check completly. There is no setting for and no setting to extend the validation period. So I simply abstracted the original CommentForm and overwritten the clean_timestamp method which now always returns a timestamp without raising an error.

All these steps are well documented in Django's documentation: Customizing the comments framework. However, here is the code I used:

# my_comments_app.forms
from django.contrib.comments.forms import CommentForm

class ExtendedCommentForm(CommentForm):
    def clean_timestamp(self):
        return self.cleaned_data["timestamp"]

# my_comments_app.__init__
from django.contrib.comments.models import Comment
from my_comments.forms import ExtendedCommentForm

def get_model():
    return Comment

def get_form():
    return ExtendedCommentForm