summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKyle Valade <kylevalade@gmail.com>2014-07-14 01:11:19 +0200
committerKyle Valade <kylevalade@gmail.com>2014-07-14 01:11:19 +0200
commit2761ff49f406d43c749ea87f7d5ebd4e2b7c3197 (patch)
tree9a1e2ac1c29120b8eb549927fb493b262a9d68ee
parent05fcc09436c0c34cc5883d7840abc81ad5af7969 (diff)
Add changelog entry for CSRF status code; remove line at EOF
-rwxr-xr-xsystem/core/Security.php2
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 2 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index f1802f0c4..68e345c54 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -934,4 +934,4 @@ class CI_Security {
}
/* End of file Security.php */
-/* Location: ./system/core/Security.php */
+/* Location: ./system/core/Security.php */ \ No newline at end of file
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 089524659..ec38a3ea9 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -506,6 +506,7 @@ Release Date: Not Released
- Added ``$config['csrf_regeneration']``, which makes token regeneration optional.
- Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run.
- Modified method ``sanitize_filename()`` to read a public ``$filename_bad_chars`` property for getting the invalid characters list.
+ - Return status code of 403 instead of a 500 if CSRF protection is enabled but a token is missing from a request.
- :doc:`Language Library <libraries/language>` changes include: