Skip to main content

A simple integration of the CTX defense against side-channel attacks for Flask projects.

Project description


A simple integration of the CTX defense against side-channel attacks for Flask projects.


- Python 2.5+
- Flask 0.10+
- ctx-defense


- Install the latest stable version using ``pip``:

pip install flask-ctx


- Import the *ctx_processor* function from ctx's context processors:
from flask_ctx.context_processors import ctx_processor

- Add the *ctx_processor* in the application's context processors:

Basic Usage

- Use the *ctx_protect* function to use ctx on secrets:
{{ ctx_protect(secret, origin, alphabet) }}

*secret* is a string containing the secret that needs to be protected and *origin*
is a string uniquely identifying the CTX origin for the secret. *alphabet* is
an optional argument to define the alphabet that the secret belongs to, default
being the [ASCII_printable]( characters.

- Add the *ctx_permutations* function to include the used permutations for each
{{ ctx_permutations() }}

The *ctx_permutations* function needs to run after all *ctx_protect* calls
that use an origin for the first time. It is proposed that it is included
before the *</body>* HTML tag.

- Include the ctx *client script* in the template:
<script src="ctx.js"></script>


<!DOCTYPE html>


<meta charset="utf-8">
<title>flask-ctx Example</title>

This is a very sensitive secret: {{ ctx_protect("a secret", "origin1") }}
This is another very sensitive secret: {{ ctx_protect("another secret", "origin2") }}

{{ ctx_permutations() }}
<script src="ctx.js"></script>


Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for flask-ctx, version 1.0.0
Filename, size File type Python version Upload date Hashes
Filename, size flask_ctx-1.0.0-py2.py3-none-any.whl (5.4 kB) File type Wheel Python version py2.py3 Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page