I have a custom template for the Event type; it causes CRSF issues when viewing events using different views (standard vs custom). It happens only when authenticated.
Is there a way to inform Plone that a custom template is "safe" (just like a standard template)?
Update: it happens even when viewing different events using the custom template (without viewing an event with the standard template), so it looks like an issue with the template.
I recently used IDisableCSRFProtection.
You can read more about it here: https://pypi.org/project/plone.protect/
I'm assuming you have a supporting .py file with your template.