summaryrefslogtreecommitdiff
path: root/docs/whatsnew-1.4.rst
diff options
context:
space:
mode:
authorChris McDonough <chrism@plope.com>2012-09-19 04:46:41 -0400
committerChris McDonough <chrism@plope.com>2012-09-19 04:46:41 -0400
commit68c60204490ba104c592d4de322ce21bdf6df0d3 (patch)
tree799aa2aef543aa4c9c22227d3416d74dd0df4c10 /docs/whatsnew-1.4.rst
parent68c25d39f9c0531be2916ad433904c7247c0f5c7 (diff)
parent643a83473a6faabd0ff08547a0cbca09e9cdda1c (diff)
downloadpyramid-68c60204490ba104c592d4de322ce21bdf6df0d3.tar.gz
pyramid-68c60204490ba104c592d4de322ce21bdf6df0d3.tar.bz2
pyramid-68c60204490ba104c592d4de322ce21bdf6df0d3.zip
Merge branch 'master' into 1.4-branch
Diffstat (limited to 'docs/whatsnew-1.4.rst')
-rw-r--r--docs/whatsnew-1.4.rst6
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/whatsnew-1.4.rst b/docs/whatsnew-1.4.rst
index 76320f6e6..86bfc7c0a 100644
--- a/docs/whatsnew-1.4.rst
+++ b/docs/whatsnew-1.4.rst
@@ -156,6 +156,12 @@ Minor Feature Additions
- A new :func:`pyramid.session.check_csrf_token` convenience API function was
added.
+- A ``check_csrf`` view predicate was added. For example, you can now do
+ ``config.add_view(someview, check_csrf=True)``. When the predicate is
+ checked, if the ``csrf_token`` value in ``request.params`` matches the csrf
+ token in the request's session, the view will be permitted to execute.
+ Otherwise, it will not be permitted to execute.
+
Backwards Incompatibilities
---------------------------