Added support for SameSite cookie option for CSRF prevention This was an easy addon compared to the complexity of the CSRF nonce support. It only works in chromium browsers (Chrome, Opera...) at the moment. But there is recent activity on implementing it in firefox. Who know when edge/ie will adopt it. So csrf nonce and header analysis will be needed for a while.

def preset_new(db, cl, nodeid, newvalues):
    """ Make sure the status is set on new issues"""

    if newvalues.has_key('status') and newvalues['status']:
        return

    new = db.status.lookup('new')
    newvalues['status'] = new


def init(db):
    # fire before changes are made
    db.issue.audit('create', preset_new)