From bc775d44d31cb7d037f6f6a5a8e8347166138e58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jorge=20Gonz=C3=A1lez?= <steinkel@gmail.com>
Date: Thu, 25 May 2017 23:45:40 +0100
Subject: [PATCH 1/2] update references to setConfig

---
 en/controllers/components/security.rst | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/en/controllers/components/security.rst b/en/controllers/components/security.rst
index cc7abc6c81..fe5f0eaf0b 100644
--- a/en/controllers/components/security.rst
+++ b/en/controllers/components/security.rst
@@ -57,7 +57,7 @@ works::
 
     public function beforeFilter(Event $event)
     {
-        $this->Security->config('blackHoleCallback', 'blackhole');
+        $this->Security->setConfig('blackHoleCallback', 'blackhole');
     }
 
     public function blackhole($type)
@@ -105,7 +105,7 @@ allowedActions
     This can be used to control cross controller requests.
 
 These configuration options allow you to restrict cross controller
-communication. Set them with the ``config()`` method.
+communication. Set them with the ``setConfig()`` method.
 
 Form Tampering Prevention
 =========================
@@ -139,7 +139,7 @@ validatePost
     Set to ``false`` to completely skip the validation of POST
     requests, essentially turning off form validation.
 
-The above configuration options can be set with ``config()``.
+The above configuration options can be set with ``setConfig()``.
 
 Usage
 =====
@@ -241,7 +241,7 @@ There may be cases where you want to disable all security checks for an action
 
         public function beforeFilter(Event $event)
         {
-             $this->Security->config('unlockedActions', ['edit']);
+             $this->Security->setConfig('unlockedActions', ['edit']);
         }
     }
 

From edb91bf7eeaae98ff5f9200bc17df90b52c46f81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jorge=20Gonz=C3=A1lez?= <steinkel@gmail.com>
Date: Sat, 27 May 2017 12:56:58 +0100
Subject: [PATCH 2/2] add note about deprecated config() method

---
 en/controllers/components/security.rst | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/en/controllers/components/security.rst b/en/controllers/components/security.rst
index fe5f0eaf0b..f82dd2b77d 100644
--- a/en/controllers/components/security.rst
+++ b/en/controllers/components/security.rst
@@ -65,6 +65,8 @@ works::
         // Handle errors.
     }
 
+Note: use ``$this->Security->config()`` for CakePHP versions prior to 3.4
+
 The ``$type`` parameter can have the following values:
 
 * 'auth' Indicates a form validation error, or a controller/action mismatch
@@ -105,7 +107,8 @@ allowedActions
     This can be used to control cross controller requests.
 
 These configuration options allow you to restrict cross controller
-communication. Set them with the ``setConfig()`` method.
+communication. Set them with the ``setConfig()`` method, or
+``config()`` if you are using a CakePHP version below 3.4.
 
 Form Tampering Prevention
 =========================
@@ -139,7 +142,8 @@ validatePost
     Set to ``false`` to completely skip the validation of POST
     requests, essentially turning off form validation.
 
-The above configuration options can be set with ``setConfig()``.
+The above configuration options can be set with ``setConfig()`` or
+``config()`` for CakePHP versions below 3.4.
 
 Usage
 =====
@@ -245,6 +249,8 @@ There may be cases where you want to disable all security checks for an action
         }
     }
 
+Note: use ``$this->Security->config()`` for CakePHP versions prior to 3.4
+
 This example would disable all security checks for the edit action.
 
 .. meta::