From 2761ff49f406d43c749ea87f7d5ebd4e2b7c3197 Mon Sep 17 00:00:00 2001
From: Kyle Valade <kylevalade@gmail.com>
Date: Sun, 13 Jul 2014 16:11:19 -0700
Subject: Add changelog entry for CSRF status code; remove line at EOF

---
 user_guide_src/source/changelog.rst | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide_src')

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 089524659..ec38a3ea9 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -506,6 +506,7 @@ Release Date: Not Released
       -  Added ``$config['csrf_regeneration']``, which makes token regeneration optional.
       -  Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run.
       -  Modified method ``sanitize_filename()`` to read a public ``$filename_bad_chars`` property for getting the invalid characters list.
+      -  Return status code of 403 instead of a 500 if CSRF protection is enabled but a token is missing from a request.
 
    -  :doc:`Language Library <libraries/language>` changes include:
 
-- 
cgit v1.2.3-24-g4f1b