diff options
author | Kyle Valade <kylevalade@gmail.com> | 2014-07-14 01:11:19 +0200 |
---|---|---|
committer | Kyle Valade <kylevalade@gmail.com> | 2014-07-14 01:11:19 +0200 |
commit | 2761ff49f406d43c749ea87f7d5ebd4e2b7c3197 (patch) | |
tree | 9a1e2ac1c29120b8eb549927fb493b262a9d68ee /user_guide_src/source | |
parent | 05fcc09436c0c34cc5883d7840abc81ad5af7969 (diff) |
Add changelog entry for CSRF status code; remove line at EOF
Diffstat (limited to 'user_guide_src/source')
-rw-r--r-- | user_guide_src/source/changelog.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 089524659..ec38a3ea9 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -506,6 +506,7 @@ Release Date: Not Released - Added ``$config['csrf_regeneration']``, which makes token regeneration optional. - Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run. - Modified method ``sanitize_filename()`` to read a public ``$filename_bad_chars`` property for getting the invalid characters list. + - Return status code of 403 instead of a 500 if CSRF protection is enabled but a token is missing from a request. - :doc:`Language Library <libraries/language>` changes include: |