- ``pyramid.interfaces.ISession.get_csrf_token`` now mandates that an

implementation should return a *new* token if one doesn't already exist in the session (previously it would return None). The internal sessioning implementation has been changed.
author: Chris McDonough <chrism@plope.com> 2011-01-08 00:02:41 -0500
committer: Chris McDonough <chrism@plope.com> 2011-01-08 00:02:41 -0500
commit: 14f863d9b5c323303155c79901f22c5d0e1dbe69 (patch)
tree: 16caffbc54ef3aa61ca7572072e6b613dfa630ad /TODO.txt
parent: b8bba60697c3397518b35e4f775464e863c0aded (diff)
download: pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.tar.gz
pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.tar.bz2
pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.zip
1 files changed, 0 insertions, 3 deletions
diff --git a/TODO.txt b/TODO.txt
index a61da36b8..745b4abe4 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -16,9 +16,6 @@ Must-Have (before 1.0)
 - Use a commit veto when configuring repoze.tm2 in paster templates for
   non-1X, 2X, or 3X responses.
 
-- Make ``get_csrf_token`` call ``new_csrf_token`` (session timeout is
-  probably fine for the token).
-
 - Consider passing two callables to CallbackAuthenticationPolicy: one for
   validating/obtaining the userid, the other for returning groups.
author	Chris McDonough <chrism@plope.com>	2011-01-08 00:02:41 -0500
committer	Chris McDonough <chrism@plope.com>	2011-01-08 00:02:41 -0500
commit	14f863d9b5c323303155c79901f22c5d0e1dbe69 (patch)
tree	16caffbc54ef3aa61ca7572072e6b613dfa630ad /TODO.txt
parent	b8bba60697c3397518b35e4f775464e863c0aded (diff)
download	pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.tar.gz pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.tar.bz2 pyramid-14f863d9b5c323303155c79901f22c5d0e1dbe69.zip