From ce8fad324aa30b5083852381cd48a1e027375f9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bonhomme?= Date: Wed, 10 Jul 2024 22:19:33 +0200 Subject: [PATCH] chg: [security] Secure all views with flask_wtf.csrf (#48). --- freshermeat/bootstrap.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/freshermeat/bootstrap.py b/freshermeat/bootstrap.py index 06d7cfe..4f856d7 100644 --- a/freshermeat/bootstrap.py +++ b/freshermeat/bootstrap.py @@ -26,6 +26,7 @@ from flask import request from flask_mail import Mail from flask_migrate import Migrate from flask_sqlalchemy import SQLAlchemy +from flask_wtf.csrf import CSRFProtect from werkzeug.middleware.proxy_fix import ProxyFix @@ -78,6 +79,7 @@ application.wsgi_app = ProxyFix( application.config.from_pyfile( os.environ.get("APPLICATION_SETTINGS", "development.py"), silent=False ) +csrf = CSRFProtect(application) db = SQLAlchemy(application) mail = Mail(application) migrate = Migrate(application, db) -- 2.45.2