Skip to content
Commits on Dec 7, 2015
Commits on Dec 3, 2015
  1. Merge pull request #206 from underdogio/dev/

    Added support for custom token keys and making CSRF values URL safe
  2. Merge pull request #211 from qgreg/doccsrfexemptblueprint

    Document csrf exempt support of Flask blueprint
Commits on Nov 26, 2015
  1. Merge pull request #213 from lnielsen/babelex

    Add support for Flask-BabelEx.
  2. @lnielsen

    Add support for Flask-BabelEx.

    lnielsen committed
Commits on Nov 20, 2015
  1. @qgreg
Commits on Nov 19, 2015
  1. Merge pull request #210 from macrotim/docs-csrf

    Fixed docs/csrf.rst
  2. @macrotim

    Fixed docs/csrf.rst

    macrotim committed
Commits on Nov 13, 2015
Commits on Nov 2, 2015
  1. Fix FileAllowed with @ssato patch #201

Commits on Oct 27, 2015
  1. @twolfson
Commits on Aug 19, 2015
  1. Revert "Return early"

    This reverts commit b1d77ea.
Commits on Jul 9, 2015
  1. Version bump 0.12

Commits on Mar 25, 2015
  1. @mrjoes


    mrjoes committed with
    Recaptcha not always returns error-codes and flask-wtf might crash with such responses.
    Here's sample response that I got today:
    [console ready]
    >>> json_resp
    {u'success': False}
    KeyError: 'error-codes'
Commits on Feb 28, 2015
Commits on Feb 18, 2015
  1. Merge pull request #170 from nfvs/add_csrf_protect_docs

    Added csrf.protect() and CSRF_WTF_CHECK_DEFAULT to docs.
Commits on Feb 16, 2015
  1. @nfvs
  2. Return early

Commits on Feb 15, 2015
  1. Merge pull request #169 from nfvs/separate_csrf_protect

    Abstract _csrf_protect() into a separate method.
Commits on Feb 13, 2015
  1. @nfvs

    Abstract protect_csrf() into a separate method.

    nfvs committed
    Right now, CsrfProtect._csrf_protect() does 1) check if this view should
    be checked for a CSRF token, and 2) validate the actual token.
    This commit abstracts 2) into a separate method so we can manually call
    this method (for example on a before_request callback). This makes it
    possible to do further checks before validating the CSRF (e.g. skip the
    check for REST calls using OAuth).
    This commit also adds a configuration parameter WTF_CSRF_CHECK_DEFAULT,
    which will determine whether to check all views by default or not. It
    defaults to True.
Commits on Feb 10, 2015
  1. Merge pull request #168 from staeff/master

    Fix example uploadr - wrong FieldList import
Commits on Feb 9, 2015
  1. @staeff
Commits on Feb 4, 2015
  1. Fix test cases for recaptcha

  2. Update recaptcha configuration

  3. @lipis

    Fixed validation warnings

    lipis committed with
Commits on Jan 30, 2015
  1. Test less

Commits on Jan 26, 2015
  1. Update copyright and readme

Commits on Jan 21, 2015
  1. Merge pull request #162 from skj3gg/patch-2

    More CSRF doc updates
  2. Test WTForms 2.0.2

  3. Version bump 0.11

  4. Fix for recaptcha tests

Commits on Jan 19, 2015
  1. Merge pull request #164 from git-commit/recaptcha-v2

    Use reCaptcha api v2
Commits on Dec 5, 2014
  1. @git-commit
  2. @git-commit

    Renamed function parameter of `to_unicode`

    git-commit committed
    From `bytes` to `input_bytes` because `bytes` is a keyword.
Something went wrong with that request. Please try again.