From 6b35eb6ca3b271e2943d37307c925c5733e082d9 Mon Sep 17 00:00:00 2001
From: Michael Merickel <michael@merickel.org>
Date: Sun, 10 Apr 2016 20:50:10 -0500
Subject: rewrite csrf checks to support a global setting to turn it on

- only check csrf on POST
- support "pyramid.require_default_csrf" setting
- support "require_csrf=True" to fallback to the global setting to
  determine the token name
---
 docs/glossary.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'docs/glossary.rst')

diff --git a/docs/glossary.rst b/docs/glossary.rst
index 039665926..ef9c66b99 100644
--- a/docs/glossary.rst
+++ b/docs/glossary.rst
@@ -1098,3 +1098,11 @@ Glossary
       implementing the :class:`pyramid.interfaces.IViewDeriver` interface.
       Examples of built-in derivers including view mapper, the permission
       checker, and applying a renderer to a dictionary returned from the view.
+
+   truthy string
+      A string represeting a value of ``True``. Acceptable values are
+      ``t``, ``true``, ``y``, ``yes``, ``on`` and ``1``.
+
+   falsey string
+      A string represeting a value of ``False``. Acceptable values are
+      ``f``, ``false``, ``n``, ``no``, ``off`` and ``0``.
-- 
cgit v1.2.3