From 14f863d9b5c323303155c79901f22c5d0e1dbe69 Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@plope.com>
Date: Sat, 8 Jan 2011 00:02:41 -0500
Subject: - ``pyramid.interfaces.ISession.get_csrf_token`` now mandates that an
   implementation should return a *new* token if one doesn't already exist in 
  the session (previously it would return None).  The internal sessioning  
 implementation has been changed.

---
 TODO.txt | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'TODO.txt')

diff --git a/TODO.txt b/TODO.txt
index a61da36b8..745b4abe4 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -16,9 +16,6 @@ Must-Have (before 1.0)
 - Use a commit veto when configuring repoze.tm2 in paster templates for
   non-1X, 2X, or 3X responses.
 
-- Make ``get_csrf_token`` call ``new_csrf_token`` (session timeout is
-  probably fine for the token).
-
 - Consider passing two callables to CallbackAuthenticationPolicy: one for
   validating/obtaining the userid, the other for returning groups.
 
-- 
cgit v1.2.3