diff --git a/django/middleware/csrf.py b/django/middleware/csrf.py
index 41bf8640d6..6be68ebd76 100644
--- a/django/middleware/csrf.py
+++ b/django/middleware/csrf.py
@@ -128,7 +128,7 @@ class InvalidTokenFormat(Exception):
         self.reason = reason
 
 
-def _sanitize_token(token):
+def _check_token_format(token):
     """
     Raise an InvalidTokenFormat error if the token has an invalid length or
     characters that aren't allowed. The token argument can be a CSRF cookie
@@ -239,7 +239,7 @@ class CsrfViewMiddleware(MiddlewareMixin):
                 csrf_secret = None
             else:
                 # This can raise InvalidTokenFormat.
-                _sanitize_token(csrf_secret)
+                _check_token_format(csrf_secret)
         if csrf_secret is None:
             return None
         # Django versions before 4.0 masked the secret before storing.
@@ -386,7 +386,7 @@ class CsrfViewMiddleware(MiddlewareMixin):
             token_source = 'POST'
 
         try:
-            _sanitize_token(request_csrf_token)
+            _check_token_format(request_csrf_token)
         except InvalidTokenFormat as exc:
             reason = self._bad_token_message(exc.reason, token_source)
             raise RejectRequest(reason)
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py
index 203ef0f419..71e75854db 100644
--- a/tests/csrf_tests/tests.py
+++ b/tests/csrf_tests/tests.py
@@ -8,7 +8,7 @@ from django.middleware.csrf import (
     CSRF_ALLOWED_CHARS, CSRF_SECRET_LENGTH, CSRF_SESSION_KEY,
     CSRF_TOKEN_LENGTH, REASON_BAD_ORIGIN, REASON_CSRF_TOKEN_MISSING,
     REASON_NO_CSRF_COOKIE, CsrfViewMiddleware, InvalidTokenFormat,
-    RejectRequest, _does_token_match, _mask_cipher_secret, _sanitize_token,
+    RejectRequest, _check_token_format, _does_token_match, _mask_cipher_secret,
     _unmask_cipher_token, get_token, rotate_token,
 )
 from django.test import SimpleTestCase, override_settings
@@ -106,7 +106,7 @@ class CsrfFunctionTests(CsrfFunctionTestMixin, SimpleTestCase):
         self.assertNotEqual(cookie, TEST_SECRET)
         self.assertIs(request.META['CSRF_COOKIE_NEEDS_UPDATE'], True)
 
-    def test_sanitize_token_valid(self):
+    def test_check_token_format_valid(self):
         cases = [
             # A token of length CSRF_SECRET_LENGTH.
             TEST_SECRET,
@@ -116,10 +116,10 @@ class CsrfFunctionTests(CsrfFunctionTestMixin, SimpleTestCase):
         ]
         for token in cases:
             with self.subTest(token=token):
-                actual = _sanitize_token(token)
+                actual = _check_token_format(token)
                 self.assertIsNone(actual)
 
-    def test_sanitize_token_invalid(self):
+    def test_check_token_format_invalid(self):
         cases = [
             (64 * '*', 'has invalid characters'),
             (16 * 'a', 'has incorrect length'),
@@ -127,7 +127,7 @@ class CsrfFunctionTests(CsrfFunctionTestMixin, SimpleTestCase):
         for token, expected_message in cases:
             with self.subTest(token=token):
                 with self.assertRaisesMessage(InvalidTokenFormat, expected_message):
-                    _sanitize_token(token)
+                    _check_token_format(token)
 
     def test_does_token_match(self):
         cases = [