diff options
Diffstat (limited to 'CHANGES.rst')
| -rw-r--r-- | CHANGES.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGES.rst b/CHANGES.rst index de7ad0f8a..aeb7c3f9a 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -30,6 +30,13 @@ Features route_prefix for ``include`` and ``add_route`` calls inside the context. See https://github.com/Pylons/pyramid/pull/3279 +- Modify the builtin session implementations to support SameSite options on + cookies and set the default to ``'Lax'``. This affects + ``pyramid.session.BaseCookieSessionFactory``, + ``pyramid.session.SignedCookieSessionFactory``, and + ``pyramid.session.UnencryptedCookieSessionFactoryConfig``. + See https://github.com/Pylons/pyramid/pull/3300 + Bug Fixes --------- @@ -59,6 +66,12 @@ Backward Incompatibilities from a feature removed in Pyramid 1.5 and has had no effect since then. See https://github.com/Pylons/pyramid/pull/3299 +- Modify the builtin session implementations to set ``SameSite='Lax'`` on + cookies. This affects ``pyramid.session.BaseCookieSessionFactory``, + ``pyramid.session.SignedCookieSessionFactory``, and + ``pyramid.session.UnencryptedCookieSessionFactoryConfig``. + See https://github.com/Pylons/pyramid/pull/3300 + Documentation Changes --------------------- |