This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push: new 1f5b578 Adjust changelog to reflect which releases actually contain which improvements to the CSRF prevention filter. 1f5b578 is described below commit 1f5b578669cd016d599d711f48d28e53573c72d1 Author: Christopher Schultz <ch...@christopherschultz.net> AuthorDate: Tue Nov 19 13:03:14 2019 -0500 Adjust changelog to reflect which releases actually contain which improvements to the CSRF prevention filter. --- webapps/docs/changelog.xml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 84377f6..3f70beb 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -52,9 +52,8 @@ example in the JSP section of the examples web application. (markt) </fix> <add> - Improvements to CsrfPreventionFilter including additional - logging, making the latest nonce available in the request attributes, - and allowing the CSRF nonce request parameter name to be customized. + Improvements to CsrfPreventionFilter: additional logging, allow the + CSRF nonce request parameter name to be customized. (schultz) </add> </changelog> @@ -66,6 +65,12 @@ <fix> Refactor JMX remote RMI registry creation. (remm) </fix> + <add> + Improvement to CsrfPreventionFilter: expose the latest available nonce + as a request attribute; expose the expected nonce request parameter + name as a context attribute. + (schultz) + </add> </changelog> </subsection> <subsection name="Coyote"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org