This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Double-submit CSRF protection for Flask applications.

Navigation

Project Description Release History Download Files

Project Links

Homepage

Meta

License: MIT License

Author: sc4reful

Maintainers

Avatar for sc4reful from gravatar.com

Classifiers

Environment
Web Environment
Intended Audience
Developers
License
OSI Approved :: MIT License
Operating System
OS Independent
Programming Language
Python
Topic
Software Development :: Libraries :: Python Modules
Project Description

# DSCsrf

Very simple and (almost) plug-and-play global CSRF filtering for Flask using the Double Submit technique outlined on OWASP at https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Double_Submit_Cookies.

How to use:

from dscsrf import Csrf from flask import Flask

app = Flask(__name__)

csrf = Csrf(app)

and that’s it!

For rendering the CSRF token in your application, under your form HTML use:

{{ csrf_token() }}
Release History

Release History

This version
History Node

1.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
dscsrf-1.0.tar.gz (1.6 kB) Copy SHA256 Checksum SHA256 Source Sep 17, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting