The Django Foundation, creators of the popular Python-based Web framework of the same name, announced the release of Django 1.2 and with it come several new features. Django 1.2 now supports multiple database connections in a single instance. It also features "vastly" improved Cross-Site Request Forgery protection and hooks for permissions for anonymous users, improved username flexibility, and object-level permissions.

In addition, Django 1.2 supports both anonymous session-based messaging and cookie-based messaging for authenticated users.

Upgrading to 1.2 also ushers in some backwards incompatibility. Python 2.3 is no longer supported in Django 1.2. The improved Cross-Site Request Forgery protection framework is compatible with the previous system, but users of the old system won't be affected until Django 1.4, when the older famework is removed.

Authors of custom template tags should be advised that the internals have changed and are now subject to new rules. The LazyObject utility has been modified to support the Python introspection method, to avoid name clashes.

Django 1.2 is licensed under BSD and can be found at djangoproject.com/download/. With full release notes here.