and store authentication tokens to your database and/or cookies. In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authentication tokens to make requests to the tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. Several methods related to HTTP status codes https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579b c67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authentication tokens to make requests to the tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/ ˓→7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authentication tokens to make requests to the tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/ ˓→7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authentication tokens to make requests to the tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/ ˓→7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authentication tokens to make requests to the tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/ ˓→7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authen- tication tokens to make requests to tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authen- tication tokens to make requests to tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authen- tication tokens to make requests to tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authen- tication tokens to make requests to tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)

store authentication tokens to your database and/or cookies. • In non-login handlers, use methods such as facebook_request() or twitter_request() to use the authen- tication tokens to make requests to tornado.web.ErrorHandler no longer requires XSRF tokens on POST requests, so posts to an unknown url will always return 404 instead of complaining about XSRF tokens. • Several methods related to HTTP status https://github.com/tornadoweb/tornado/commit/7a7e24143e77481d140fb5579bc67e4c45cbcfad * When XSRF tokens are used, the token must also be present on PUT and DELETE requests (anything but GET and HEAD)