Add changelog entry for CSRF status code; remove line at EOF

author: Kyle Valade <kylevalade@gmail.com> 2014-07-14 01:11:19 +0200
committer: Kyle Valade <kylevalade@gmail.com> 2014-07-14 01:11:19 +0200
commit: 2761ff49f406d43c749ea87f7d5ebd4e2b7c3197 (patch)
tree: 9a1e2ac1c29120b8eb549927fb493b262a9d68ee /user_guide_src
parent: 05fcc09436c0c34cc5883d7840abc81ad5af7969 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 089524659..ec38a3ea9 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -506,6 +506,7 @@ Release Date: Not Released
       -  Added ``$config['csrf_regeneration']``, which makes token regeneration optional.
       -  Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run.
       -  Modified method ``sanitize_filename()`` to read a public ``$filename_bad_chars`` property for getting the invalid characters list.
+      -  Return status code of 403 instead of a 500 if CSRF protection is enabled but a token is missing from a request.
 
    -  :doc:`Language Library <libraries/language>` changes include:
author	Kyle Valade <kylevalade@gmail.com>	2014-07-14 01:11:19 +0200
committer	Kyle Valade <kylevalade@gmail.com>	2014-07-14 01:11:19 +0200
commit	2761ff49f406d43c749ea87f7d5ebd4e2b7c3197 (patch)
tree	9a1e2ac1c29120b8eb549927fb493b262a9d68ee /user_guide_src
parent	05fcc09436c0c34cc5883d7840abc81ad5af7969 (diff)