diff options
| author | Steve Piercy <web@stevepiercy.com> | 2019-08-18 10:00:23 -1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-18 10:00:23 -1000 |
| commit | a232b698f78d15c36d525660399f3a1451d86977 (patch) | |
| tree | 558015304fa06275a0ba89b5c9fdb742bedf5082 /src | |
| parent | dbef47bdd0c0f1b719bc442635acb01a66cf8b5f (diff) | |
| parent | d98b838c88a9ea630f422f84d7e08eb83f3934f9 (diff) | |
| download | pyramid-a232b698f78d15c36d525660399f3a1451d86977.tar.gz pyramid-a232b698f78d15c36d525660399f3a1451d86977.tar.bz2 pyramid-a232b698f78d15c36d525660399f3a1451d86977.zip | |
Merge pull request #3506 from Pylons/linkcheck-fixes
run linkcheck, fix redirects, change busted links to inline literals
Diffstat (limited to 'src')
| -rw-r--r-- | src/pyramid/csrf.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/pyramid/csrf.py b/src/pyramid/csrf.py index 26c628acc..deb35fedb 100644 --- a/src/pyramid/csrf.py +++ b/src/pyramid/csrf.py @@ -97,9 +97,9 @@ class SessionCSRFStoragePolicy(object): class CookieCSRFStoragePolicy(object): """ An alternative CSRF implementation that stores its information in unauthenticated cookies, known as the 'Double Submit Cookie' method in the - `OWASP CSRF guidelines <https://www.owasp.org/index.php/ - Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet# - Double_Submit_Cookie>`_. This gives some additional flexibility with + `OWASP CSRF guidelines + <https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie>`_. + This gives some additional flexibility with regards to scaling as the tokens can be generated and verified by a front-end server. |