Skip to content
SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
docs allow to customize the cookie samesite Sep 23, 2018
.gitmodules adding theme submodule Jun 28, 2013
LICENSE first commit Dec 6, 2011 add manifest file to fix #61 Oct 3, 2017
README.markdown Change docs URL to avoid redirect Mar 4, 2019 Added the ability to clear the current CSRF token and generate a new … Mar 20, 2019 Added Python 3 classifier to Sep 16, 2016



build status

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

CSRF vulnerabilities have been found in large and popular sites such as YouTube. These attacks are problematic because the mechanism they use is relatively easy to exploit. This extension attempts to aid you in securing your application from such attacks.

This extension is based on the excellent Django middleware.


Install the extension with one of the following commands:

$ easy_install flask-seasurf

or alternatively if you have pip installed:

$ pip install flask-seasurf


Using SeaSurf is fairly straightforward. Begin by importing the extension and then passing your application object back to the extension, like this:

from flask_seasurf import SeaSurf
csrf = SeaSurf(app)


The Sphinx-compiled documentation is available here:

You can’t perform that action at this time.