Re: [pylons-discuss] Recommendations regarding session factory?

On Sun, Apr 17, 2016 at 5:45 AM, Christoph Zwerschke wrote: > Any recommendation for a simple session factory just to support CSRF > protection? I'm asking because the default session is unencrypted and not > recommended when security is important, and pyramid_redis/beaker don't

[pylons-discuss] Recommendations regarding session factory?

Am 16.04.2016 um 23:27 schrieb Michael Merickel: - You may also set "pyramid.require_default_csrf = yes" to globally enable CSRF on your entire application and turn it off on a per-view basis using "require_csrf=False" on individual views. This requires to enable a session factory, though. I