Fixed #22185 -- Added settings.CSRF_COOKIE_AGE

Thanks Paul McMillan for the review.
2025-11-07 07:15:35 +00:00 · 2014-03-04 00:52:28 +00:00
parent 06efeae598
commit 9b729ddd8f
6 changed files with 75 additions and 1 deletions
--- a/docs/releases/1.7.txt
+++ b/docs/releases/1.7.txt
@@ -446,6 +446,12 @@ Cache
  "non-expiring" by default. Previously, it was only possible to pass
  ``timeout=None` to the cache backend's ``set()`` method.

+Cross Site Request Forgery
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+* The :setting:`CSRF_COOKIE_AGE` setting facilitates the use of session-based
+  CSRF cookies.
+
 Email
 ^^^^^