summaryrefslogtreecommitdiff
path: root/docs/releases
diff options
context:
space:
mode:
authorRaphael Michel <mail@raphaelmichel.de>2016-06-30 18:42:11 +0200
committerTim Graham <timograham@gmail.com>2016-11-30 08:57:27 -0500
commitddf169cdaca91e92dd5bfe6796bb6f38369ecb68 (patch)
tree4c472f6baad2d938f2889c3a3f2073c7e1724a06 /docs/releases
parentf24eea3b69d9c3139f0145cd48a8962f67671aff (diff)
Refs #16859 -- Allowed storing CSRF tokens in sessions.
Major thanks to Shai for helping to refactor the tests, and to Shai, Tim, Florian, and others for extensive and helpful review.
Diffstat (limited to 'docs/releases')
-rw-r--r--docs/releases/1.11.txt3
1 files changed, 2 insertions, 1 deletions
diff --git a/docs/releases/1.11.txt b/docs/releases/1.11.txt
index fc4a5cc3f5..acc2fe10e2 100644
--- a/docs/releases/1.11.txt
+++ b/docs/releases/1.11.txt
@@ -231,7 +231,8 @@ Cache
CSRF
~~~~
-* ...
+* Added the :setting:`CSRF_USE_SESSIONS` setting to allow storing the CSRF
+ token in the user's session rather than in a cookie.
Database backends
~~~~~~~~~~~~~~~~~