From 80cd0b1ab6b97c99863db045a2dda984e006c3b9 Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@plope.com>
Date: Wed, 19 Sep 2012 04:48:14 -0400
Subject: garden

---
 CHANGES.txt | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'CHANGES.txt')

diff --git a/CHANGES.txt b/CHANGES.txt
index e08a69b84..58e484a92 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -6,6 +6,11 @@ Features
 
 - A new ``pyramid.session.check_csrf_token`` convenience function was added.
 
+- A ``check_csrf`` view predicate was added.  For example, you can now do
+  ``config.add_view(someview, check_csrf=True)``.  When the predicate is
+  checked, if the ``csrf_token`` value in ``request.params`` matches the CSRF
+  token in the request's session, the view will be permitted to execute.
+  Otherwise, it will not be permitted to execute.
 
 1.4a1 (2012-09-16)
 ==================
-- 
cgit v1.2.3