diff --git a/ChangeLog.md b/ChangeLog.md
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,17 @@
+## 1.5
+
+* remove deprecated addNonce functions
+* You can now configure testing middleware
+
+Configuring middleware makes it easy to add logging among other things.
+middleware is applied to the wai app before each test.
+
+If you follow the yesod scaffold, you probably have a
+withApp function in TestImport.hs.
+This function should now return (foundation, middleware).
+`id` is an acceptable value for middleware.
+
+
 ## 1.4.4
 
 test helpers for CRSF middleware such as addTokenFromCookie
diff --git a/Yesod/Test.hs b/Yesod/Test.hs
--- a/Yesod/Test.hs
+++ b/Yesod/Test.hs
@@ -33,6 +33,9 @@
     , yesodSpecApp
     , YesodExample
     , YesodExampleData(..)
+    , TestApp
+    , YSpec
+    , testApp
     , YesodSpecTree (..)
     , ydescribe
     , yit
@@ -75,8 +78,6 @@
     -- these functions to add the token to your request.
     , addToken
     , addToken_
-    , addNonce
-    , addNonce_
     , addTokenFromCookie
     , addTokenFromCookieNamedToHeaderNamed
 
@@ -542,7 +543,7 @@
 --
 -- You can set this parameter like so:
 --
--- > request $ do 
+-- > request $ do
 -- >   fileByLabel "Please submit an image" "static/img/picture.png" "img/png"
 --
 -- This function also supports the implicit label syntax, in which
@@ -559,16 +560,6 @@
   name <- nameFromLabel label
   addFile name path mime
 
--- | An alias for 'addToken_'.
-addNonce_ :: Query -> RequestBuilder site ()
-addNonce_ = addToken_
-{-# DEPRECATED addNonce_ "Use 'addToken_' instead; 'addNonce_' will be removed in the next major version. Reasoning: Yesod's CSRF tokens are not actually nonces (one-time values), so yesod-form moved to calling them tokens instead. yesod-test is now using the word token as well. See https://github.com/yesodweb/yesod/issues/914 for details." #-}
-
--- | An alias for 'addToken'.
-addNonce :: RequestBuilder site ()
-addNonce = addToken
-{-# DEPRECATED addNonce "Use 'addToken' instead; 'addNonce' will be removed in the next major version. Reasoning: Yesod's CSRF tokens are not actually nonces (one-time values), so yesod-form moved to calling them tokens instead. yesod-test is now using the word token as well. See https://github.com/yesodweb/yesod/issues/914 for details." #-}
-
 -- | Lookups the hidden input named "_token" and adds its value to the params.
 -- Receives a CSS selector that should resolve to the form element containing the token.
 --
@@ -917,15 +908,20 @@
 failure :: (MonadIO a) => T.Text -> a b
 failure reason = (liftIO $ HUnit.assertFailure $ T.unpack reason) >> error ""
 
+type TestApp site = (site, Middleware)
+testApp :: site -> Middleware -> TestApp site
+testApp site middleware = (site, middleware)
+type YSpec site = Hspec.SpecWith (TestApp site)
+
 instance YesodDispatch site => Hspec.Example (ST.StateT (YesodExampleData site) IO a) where
-    type Arg (ST.StateT (YesodExampleData site) IO a) = site
+    type Arg (ST.StateT (YesodExampleData site) IO a) = TestApp site
 
     evaluateExample example params action =
         Hspec.evaluateExample
-            (action $ \site -> do
+            (action $ \(site, middleware) -> do
                 app <- toWaiAppPlain site
                 _ <- ST.evalStateT example YesodExampleData
-                    { yedApp = app
+                    { yedApp = middleware app
                     , yedSite = site
                     , yedCookies = M.empty
                     , yedResponse = Nothing
diff --git a/yesod-test.cabal b/yesod-test.cabal
--- a/yesod-test.cabal
+++ b/yesod-test.cabal
@@ -1,5 +1,5 @@
 name:               yesod-test
-version:            1.4.4
+version:            1.5
 license:            MIT
 license-file:       LICENSE
 author:             Nubis <nubis@woobiz.com.ar>
