From ea93cfd8295b215a19fcc0cd0f28ec9810616528 Mon Sep 17 00:00:00 2001
From: Luke Cyca
Date: Sun, 2 Jun 2013 19:05:36 -0700
Subject: Changed header name to X-CSRF-Token

---
 pyramid/session.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pyramid/session.py b/pyramid/session.py
index 0433488d8..3708ef879 100644
--- a/pyramid/session.py
+++ b/pyramid/session.py
@@ -83,14 +83,14 @@ def signed_deserialize(serialized, secret, hmac=hmac):
 
 def check_csrf_token(request,
                      token='csrf_token',
-                     header='X-CSRFToken',
+                     header='X-CSRF-Token',
                      raises=True):
     """ Check the CSRF token in the request's session against the value in
     ``request.params.get(token)`` or ``request.headers.get(header)``. If a
     ``token`` keyword is not supplied to this function, the string
     ``csrf_token`` will be used to look up the token in ``request.params``.
     If a ``header`` keyword is not supplied to this function, the string
-    ``X-CSRFToken`` will be used to look up the token in ``request.headers``.
+    ``X-CSRF-Token`` will be used to look up the token in ``request.headers``.
 
     If the value supplied by param or by header doesn't match the value
     supplied by ``request.session.get_csrf_token()``, and ``raises`` is
--
cgit v1.2.3
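Review bot: Changing the default `header` from `'X-CSRFToken'` to `'X-CSRF-Token'` is a silent breaking change for every client whose JavaScript still sends the old header name: per the docstring the value is read with `request.headers.get(header)`, so a request carrying only `X-CSRFToken` presumably no longer matches the session token and is rejected (raising when `raises=True`), which will look like a CSRF attack in logs rather than a rename. Nothing in the hunk records the rename for deployers; a `.. versionchanged:: <VERSION>` note in the docstring saying the previous default was ``X-CSRFToken`` and that callers needing the old name can pass `header='X-CSRFToken'` explicitly would make the migration discoverable, and the same line belongs in the changelog. The body of check_csrf_token, where the comparison itself happens, continues outside the hunk, so whether it also tolerates the old name cannot be judged from here.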