diff --git a/infoscreen/views.py b/infoscreen/views.py
index f071bf4..c338453 100644
--- a/infoscreen/views.py
+++ b/infoscreen/views.py
@@ -131,6 +131,7 @@ def infoItems(request, *args, **kwargs):
     return HttpResponse(json.dumps(items))
 
 @require_http_methods(["POST"])
+@ensure_csrf_cookie
 @permission_required('infoscreen.change_infoinstance', login_url='/login')
 def createImageItem(request, *args, **kwargs):
     form = ImageUploadForm(request.POST,request.FILES)