Suggested fixes by iCR, OpenRefactory, Inc.

This commit is contained in:
openrefactory 2022-09-01 12:46:56 +06:00
parent 73b9bacbf7
commit d87794d290
2 changed files with 8 additions and 0 deletions

View file

@ -1,5 +1,9 @@
from flask import Flask from flask import Flask
from flask_wtf.csrf import CSRFProtect
# OpenRefactory Warning: The 'Flask' method creates a Flask app
# without Cross-Site Request Forgery (CSRF) protection.
app = Flask(__name__) app = Flask(__name__)
CSRFProtect(app)
from js_example import views # noqa: F401 from js_example import views # noqa: F401

View file

@ -1,11 +1,15 @@
import os import os
from flask import Flask from flask import Flask
from flask_wtf.csrf import CSRFProtect
def create_app(test_config=None): def create_app(test_config=None):
"""Create and configure an instance of the Flask application.""" """Create and configure an instance of the Flask application."""
# OpenRefactory Warning: The 'Flask' method creates a Flask app
# without Cross-Site Request Forgery (CSRF) protection.
app = Flask(__name__, instance_relative_config=True) app = Flask(__name__, instance_relative_config=True)
CSRFProtect(app)
app.config.from_mapping( app.config.from_mapping(
# a default secret that should be overridden by instance config # a default secret that should be overridden by instance config
SECRET_KEY="dev", SECRET_KEY="dev",