diff options
| author | Raphael Michel <mail@raphaelmichel.de> | 2016-06-30 18:42:11 +0200 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-11-30 08:57:27 -0500 |
| commit | ddf169cdaca91e92dd5bfe6796bb6f38369ecb68 (patch) | |
| tree | 4c472f6baad2d938f2889c3a3f2073c7e1724a06 /docs/releases | |
| parent | f24eea3b69d9c3139f0145cd48a8962f67671aff (diff) | |
Refs #16859 -- Allowed storing CSRF tokens in sessions.
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
Diffstat (limited to 'docs/releases')
| -rw-r--r-- | docs/releases/1.11.txt | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/docs/releases/1.11.txt b/docs/releases/1.11.txt index fc4a5cc3f5..acc2fe10e2 100644 --- a/docs/releases/1.11.txt +++ b/docs/releases/1.11.txt @@ -231,7 +231,8 @@ Cache CSRF ~~~~ -* ... +* Added the :setting:`CSRF_USE_SESSIONS` setting to allow storing the CSRF + token in the user's session rather than in a cookie. Database backends ~~~~~~~~~~~~~~~~~ |
