diff --git a/django/contrib/csrf/middleware.py b/django/contrib/csrf/middleware.py
index 24c1511c91..2c8d97b2e6 100644
--- a/django/contrib/csrf/middleware.py
+++ b/django/contrib/csrf/middleware.py
@@ -16,7 +16,7 @@ from django.utils.safestring import mark_safe
_ERROR_MSG = mark_safe('403 Forbidden
Cross Site Request Forgery detected. Request aborted.
')
_POST_FORM_RE = \
- re.compile(r'(]*\bmethod=(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
+ re.compile(r'(]*\bmethod\s*=\s*(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
_HTML_TYPES = ('text/html', 'application/xhtml+xml')