From d1aa477169205898b9b676741704f859589c352c Mon Sep 17 00:00:00 2001
From: Barry O'Donovan <barry@opensolutions.ie>
Date: Sun, 16 Jul 2017 12:43:38 +0100
Subject: [PATCH] Add PR template to remind us to perform a number of checks

---
 docs/PULL_REQUEST_TEMPLATE.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 docs/PULL_REQUEST_TEMPLATE.md

diff --git a/docs/PULL_REQUEST_TEMPLATE.md b/docs/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 000000000..f076b64d5
--- /dev/null
+++ b/docs/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,15 @@
+*PR template - remove this line and edit below*
+
+[BF] Summary of fix - fixes [inex|islandbridgenetworks]/IXP-Manager#x
+
+[NF] New feature summary - closes [inex|islandbridgenetworks]/IXP-Manager#x
+
+*Longer description*
+ 
+
+In addition to the above, I have:
+
+ - [ ] ensured all relevant template output is escaped to avoid XSS attached with `<?= $t->ee( $data ) ?>` or equivalent.
+ - [ ] ensured appropriate checks against user privilege / resources accessed
+ - [ ] API calls (particular for add/edit/delete/toggle) are not implemented with GET and use CSRF tokens to avoid CSRF attacks
+