New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disabling CSRF check by default doesn't work for forms #336
Comments
As the docs said, set |
Sorry, for not clarifying, but I want to conditionally enable CSRF for certain requests using the |
For example, adding an empty form to |
Provide a minimal application may be helpful. |
I already posted a comment under your gist 17 days ago. If you have no further question, please close this issue. |
Sorry, I didn't get any notifications about your comment on the gist, but I added some more info. |
Since the problem was solved, could you close this issue? |
I noticed that setting
WTF_CSRF_CHECK_DEFAULT
doesn't won't work if the endpoint validates anyFlaskForm
. The CSRF token doesn't seem to be checked, but when I check the my logs, they say thatThe CSRF token is missing
. Would it be possible to completely disable the CSRF check for forms ifWTF_CSRF_CHECK_DEFAULT
is set to false?The text was updated successfully, but these errors were encountered: