Change the default value of SESSION_COOKIE_SAMESITE from None to "Lax". When set to None, Flask does not include the SameSite attribute on session cookies, relying on browser defaults. While modern browsers default to Lax behavior when the attribute is absent, setting it explicitly ensures consistent CSRF defense across all browser versions, including older ones that do not apply the Lax default. Django has defaulted to "Lax" since 2.1 (2018). This aligns Flask with the ecosystem standard. Applications that require cross-site cookie behavior can set SESSION_COOKIE_SAMESITE to None (with SESSION_COOKIE_SECURE=True).
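The cookie states this commit message distinguishes, as an added example that is not part of the Flask repository or the commit: a standard-library-only checker that classifies a `Set-Cookie` header by its SameSite posture. The function names, category labels and sample headers are constructed for illustration.

```python
# Added example: classify session cookies by SameSite posture.
# All names and sample headers here are constructed, not taken from Flask.

def parse_set_cookie(header):
    """Split a Set-Cookie header value into (cookie name, attributes dict)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, _value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_samesite(header):
    """Return the SameSite posture of one Set-Cookie header.

    "browser-default":     attribute absent, behaviour depends on the browser
    "explicit":            SameSite=Lax or SameSite=Strict is sent
    "cross-site":          SameSite=None together with Secure
    "none-without-secure": SameSite=None but the Secure flag is missing
    "unknown":             any other SameSite value
    """
    _name, attrs = parse_set_cookie(header)
    if "samesite" not in attrs:
        return "browser-default"
    value = attrs["samesite"].lower()
    if value in ("lax", "strict"):
        return "explicit"
    if value == "none":
        return "cross-site" if "secure" in attrs else "none-without-secure"
    return "unknown"


# Constructed sample headers, one per case.
SAMPLES = {
    "attribute omitted": "session=abc123; HttpOnly; Path=/",
    "explicit Lax": "session=abc123; HttpOnly; Path=/; SameSite=Lax",
    "None with Secure": "session=abc123; Secure; HttpOnly; Path=/; SameSite=None",
    "None without Secure": "session=abc123; HttpOnly; Path=/; SameSite=None",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(f"{label:22} -> {audit_samesite(header)}")
```

Run against the `Set-Cookie` headers an application actually emits, a `browser-default` result means the CSRF posture of the session cookie depends on the client rather than on the server's configuration.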
Flask
Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja, and has become one of the most popular Python web application frameworks.
Flask offers suggestions, but doesn't enforce any dependencies or project layout. It is up to the developer to choose the tools and libraries they want to use. There are many extensions provided by the community that make adding new functionality easy.
A Simple Example
```python
# save this as app.py
from flask import Flask

app = Flask(__name__)

@app.route("/")
def hello():
    return "Hello, World!"
```

```
$ flask run
  * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
```
Donate
The Pallets organization develops and supports Flask and the libraries it uses. In order to grow the community of contributors and users, and allow the maintainers to devote more time to the projects, please donate today.
Contributing
See our detailed contributing documentation for many ways to contribute, including reporting issues, requesting features, asking or answering questions, and making PRs.